Use of org.opensaml.xmlsec.signature.Signature in project cas by apereo:
class SamlObjectSignatureValidator, method verifySamlProfileRequestIfNeeded.
/**
 * Validates the signature of an inbound SAML profile request, if one is required.
 *
 * <p>A request that carries an embedded {@link Signature} element is checked by
 * {@code validateSignatureOnProfileRequest}; a request without one is handed to
 * {@code validateSignatureOnAuthenticationRequest}, which additionally receives the
 * raw HTTP request and the message context. In both cases the issuer's role
 * descriptor is looked up first via {@code getRoleDescriptorResolver}.
 *
 * @param profileRequest the inbound SAML request
 * @param resolver       metadata resolver used to locate the issuer's role descriptor
 * @param request        the HTTP request that delivered the SAML message
 * @param context        the SAML message context
 * @throws Exception if the signature cannot be resolved or validated
 */
public void verifySamlProfileRequestIfNeeded(final RequestAbstractType profileRequest, final MetadataResolver resolver, final HttpServletRequest request, final MessageContext context) throws Exception {
    final RoleDescriptorResolver roleResolver = getRoleDescriptorResolver(resolver, context, profileRequest);
    LOGGER.debug("Validating signature for [{}]", profileRequest.getClass().getName());
    final Signature embeddedSignature = profileRequest.getSignature();
    if (embeddedSignature == null) {
        // No XML signature on the message itself; defer to the authentication-request path.
        validateSignatureOnAuthenticationRequest(profileRequest, request, context, roleResolver);
        return;
    }
    validateSignatureOnProfileRequest(profileRequest, embeddedSignature, roleResolver);
}
Use of org.opensaml.xmlsec.signature.Signature in project ddf by codice:
class SimpleSign, method signSamlObject.
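/**
 * Signs a SAML object with the configured signing certificate and private key.
 *
 * <p>Builds an enveloped XML signature (exclusive C14N, signature algorithm chosen
 * from the first configured certificate, KeyInfo carrying the entity certificate),
 * attaches it to {@code samlObject}, and releases the cached DOM so the next
 * marshalling produces the signed form. When the object is a {@code Response},
 * the signing credential is also applied to every assertion that already carries
 * its own {@code Signature} element; assertions without one are left untouched.
 *
 * @param samlObject the object to sign; its signature is replaced in place
 * @throws SignatureException if no signing certificate is configured, the
 *         signature object cannot be built, or the KeyInfo cannot be generated
 */
public void signSamlObject(SignableSAMLObject samlObject) throws SignatureException {
    X509Certificate[] certificates = getSignatureCertificates();
    // Fail with a meaningful error instead of an ArrayIndexOutOfBoundsException when
    // no signing certificate has been configured.
    if (certificates == null || certificates.length == 0) {
        throw new SignatureException("No signing certificate available.");
    }
    X509Certificate signingCert = certificates[0];
    String sigAlgo = getSignatureAlgorithm(signingCert);
    PrivateKey privateKey = getSignaturePrivateKey();

    // Create the signature
    Signature signature = OpenSAMLUtil.buildSignature();
    if (signature == null) {
        throw new SignatureException("Unable to build signature.");
    }
    signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    signature.setSignatureAlgorithm(sigAlgo);

    BasicX509Credential signingCredential = new BasicX509Credential(signingCert);
    signingCredential.setPrivateKey(privateKey);
    signature.setSigningCredential(signingCredential);

    // Emit the entity certificate in KeyInfo so the verifier can locate the key.
    X509KeyInfoGeneratorFactory keyInfoFactory = new X509KeyInfoGeneratorFactory();
    keyInfoFactory.setEmitEntityCertificate(true);
    try {
        KeyInfo keyInfo = keyInfoFactory.newInstance().generate(signingCredential);
        signature.setKeyInfo(keyInfo);
    } catch (org.opensaml.security.SecurityException e) {
        throw new SignatureException("Error generating KeyInfo from signing credential", e);
    }

    if (samlObject instanceof Response) {
        for (Assertion assertion : ((Response) samlObject).getAssertions()) {
            Signature assertionSignature = assertion.getSignature();
            // An assertion without its own Signature element has nothing to
            // re-credential; dereferencing it unconditionally would throw an NPE.
            if (assertionSignature != null) {
                assertionSignature.setSigningCredential(signingCredential);
            }
        }
    }

    samlObject.setSignature(signature);
    SAMLObjectContentReference contentRef = (SAMLObjectContentReference) signature.getContentReferences().get(0);
    // NOTE(review): SHA-1 is a weak digest for XML signatures. SignatureConstants.ALGO_ID_DIGEST_SHA256
    // is the usual replacement, but switching changes the emitted signature, so confirm
    // that all relying parties accept SHA-256 before changing this constant.
    contentRef.setDigestAlgorithm(SignatureConstants.ALGO_ID_DIGEST_SHA1);
    // Drop the cached DOM so the signed form is produced on the next marshalling.
    samlObject.releaseDOM();
    samlObject.releaseChildrenDOM(true);
}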