/** {@inheritDoc} */ public String getSignatureAlgorithmURI(Credential credential) { Key key = SecurityHelper.extractSigningKey(credential); if (key == null) { log.debug("Could not extract signing key from credential, unable to map to algorithm URI"); return null; } else if (key.getAlgorithm() == null) { log.debug("Signing key algorithm value was not available, unable to map to algorithm URI"); return null; } return getSignatureAlgorithmURI(key.getAlgorithm()); }
/** {@inheritDoc} */ public String getSignatureAlgorithmURI(Credential credential) { Key key = SecurityHelper.extractSigningKey(credential); if (key == null) { log.debug("Could not extract signing key from credential, unable to map to algorithm URI"); return null; } else if (key.getAlgorithm() == null) { log.debug("Signing key algorithm value was not available, unable to map to algorithm URI"); return null; } return getSignatureAlgorithmURI(key.getAlgorithm()); }
/** * Generates the signature over the string of concatenated form control data as indicated by the SimpleSign spec. * * @param signingCredential credential that will be used to sign * @param algorithmURI algorithm URI of the signing credential * @param formData form control data to be signed * * @return base64 encoded signature of form control data * * @throws MessageEncodingException there is an error computing the signature */ protected String generateSignature(Credential signingCredential, String algorithmURI, String formData) throws MessageEncodingException { log.debug(String.format( "Generating signature with key type '%s', algorithm URI '%s' over form control string '%s'", SecurityHelper.extractSigningKey(signingCredential).getAlgorithm(), algorithmURI, formData)); String b64Signature = null; try { byte[] rawSignature = SigningUtil.signWithURI(signingCredential, algorithmURI, formData.getBytes("UTF-8")); b64Signature = Base64.encodeBytes(rawSignature, Base64.DONT_BREAK_LINES); log.debug("Generated digital signature value (base64-encoded) {}", b64Signature); } catch (SecurityException e) { log.error("Error during URL signing process", e); throw new MessageEncodingException("Unable to sign form control string", e); } catch (UnsupportedEncodingException e) { // UTF-8 encoding is required to be supported by all JVMs } return b64Signature; }
SecurityHelper.extractSigningKey(signingCredential).getAlgorithm(), algorithmURI, queryString));
/** * Signs a single XMLObject. * * @param signature the signature to computer the signature on * @throws SignatureException thrown if there is an error computing the signature */ public static void signObject(Signature signature) throws SignatureException { Logger log = getLogger(); try { XMLSignature xmlSignature = ((SignatureImpl) signature).getXMLSignature(); if (xmlSignature == null) { log.error("Unable to compute signature, Signature XMLObject does not have the XMLSignature " + "created during marshalling."); throw new SignatureException("XMLObject does not have an XMLSignature instance, unable to compute signature"); } log.debug("Computing signature over XMLSignature object"); xmlSignature.sign(SecurityHelper.extractSigningKey(signature.getSigningCredential())); } catch (XMLSecurityException e) { log.error("An error occured computing the digital signature", e); throw new SignatureException("Signature computation error", e); } }
/** * Signs a single XMLObject. * * @param signature the signature to computer the signature on * @throws SignatureException thrown if there is an error computing the signature */ public static void signObject(Signature signature) throws SignatureException { Logger log = getLogger(); try { XMLSignature xmlSignature = ((SignatureImpl) signature).getXMLSignature(); if (xmlSignature == null) { log.error("Unable to compute signature, Signature XMLObject does not have the XMLSignature " + "created during marshalling."); throw new SignatureException("XMLObject does not have an XMLSignature instance, unable to compute signature"); } log.debug("Computing signature over XMLSignature object"); xmlSignature.sign(SecurityHelper.extractSigningKey(signature.getSigningCredential())); } catch (XMLSecurityException e) { log.error("An error occured computing the digital signature", e); throw new SignatureException("Signature computation error", e); } }
/** * Compute the signature or MAC value over the supplied input. * * It is up to the caller to ensure that the specified algorithm ID and isMAC flag are consistent with the type of * signing key supplied in the signing credential. * * @param signingCredential the credential containing the signing key * @param jcaAlgorithmID the Java JCA algorithm ID to use * @param isMAC flag indicating whether the operation to be performed is a signature or MAC computation * @param input the input over which to compute the signature * @return the computed signature or MAC value * @throws SecurityException throw if the computation process results in an error */ public static byte[] sign(Credential signingCredential, String jcaAlgorithmID, boolean isMAC, byte[] input) throws SecurityException { Logger log = getLogger(); Key signingKey = SecurityHelper.extractSigningKey(signingCredential); if (signingKey == null) { log.error("No signing key supplied in signing credential for signature computation"); throw new SecurityException("No signing key supplied in signing credential"); } if (isMAC) { return signMAC(signingKey, jcaAlgorithmID, input); } else if (signingKey instanceof PrivateKey) { return sign((PrivateKey) signingKey, jcaAlgorithmID, input); } else { log.error("No PrivateKey present in signing credential for signature computation"); throw new SecurityException("No PrivateKey supplied for signing"); } }
/** * Compute the signature or MAC value over the supplied input. * * It is up to the caller to ensure that the specified algorithm ID and isMAC flag are consistent with the type of * signing key supplied in the signing credential. * * @param signingCredential the credential containing the signing key * @param jcaAlgorithmID the Java JCA algorithm ID to use * @param isMAC flag indicating whether the operation to be performed is a signature or MAC computation * @param input the input over which to compute the signature * @return the computed signature or MAC value * @throws SecurityException throw if the computation process results in an error */ public static byte[] sign(Credential signingCredential, String jcaAlgorithmID, boolean isMAC, byte[] input) throws SecurityException { Logger log = getLogger(); Key signingKey = SecurityHelper.extractSigningKey(signingCredential); if (signingKey == null) { log.error("No signing key supplied in signing credential for signature computation"); throw new SecurityException("No signing key supplied in signing credential"); } if (isMAC) { return signMAC(signingKey, jcaAlgorithmID, input); } else if (signingKey instanceof PrivateKey) { return sign((PrivateKey) signingKey, jcaAlgorithmID, input); } else { log.error("No PrivateKey present in signing credential for signature computation"); throw new SecurityException("No PrivateKey supplied for signing"); } }