/**
 * Builds an enveloped XML signature for the given {@link SignableSAMLObject}, attaches it, and
 * signs the object with the given {@link Credential} and {@code signatureAlgorithm}.
 *
 * <p>The arguments are only null-checked. {@code signatureAlgorithm} is handed to the signature
 * as-is, so any allow-listing of acceptable algorithms has to happen in the caller. No reference
 * digest method is set in this method; whichever default the library or its configuration
 * supplies is used (NOTE(review): confirm that default is not SHA-1 for the OpenSAML version in use).
 *
 * @param signableObj the SAML object to sign; must not be {@code null}
 * @param signingCredential the credential holding the signing key; must not be {@code null}
 * @param signatureAlgorithm the signature algorithm identifier; must not be {@code null}
 * @throws SamlException if the key info cannot be generated or the signing operation fails
 */
static void sign(SignableSAMLObject signableObj, Credential signingCredential,
                 String signatureAlgorithm) {
    requireNonNull(signableObj, "signableObj");
    requireNonNull(signingCredential, "signingCredential");
    requireNonNull(signatureAlgorithm, "signatureAlgorithm");

    final Signature sig = signatureBuilder.buildObject();
    sig.setSignatureAlgorithm(signatureAlgorithm);
    sig.setSigningCredential(signingCredential);
    // Exclusive C14N without comments: XML comments are not part of the signed canonical form.
    sig.setCanonicalizationAlgorithm(ALGO_ID_C14N_EXCL_OMIT_COMMENTS);

    try {
        sig.setKeyInfo(keyInfoGenerator.generate(signingCredential));
    } catch (SecurityException keyInfoFailure) {
        // NOTE(review): presumably OpenSAML's checked SecurityException rather than
        // java.lang.SecurityException; confirm against the file's imports.
        throw new SamlException("failed to create a key info of signing credential",
                                keyInfoFailure);
    }

    // Order matters: the signature is attached first, then the object is serialized, and only
    // then signed. Presumably serialize() marshals the object so the signer has a DOM to work on.
    signableObj.setSignature(sig);
    serialize(signableObj);

    try {
        Signer.signObject(sig);
    } catch (SignatureException signingFailure) {
        throw new SamlException("failed to sign a SAML object", signingFailure);
    }
}
/**
 * Signs the given {@code signature} through {@code Signer.signObject}, running the call with the
 * thread context class loader set to the one that loaded {@code SignerProvider}.
 *
 * <p>A {@code null} signature is skipped without any error, so the caller is responsible for
 * making sure an object that must be signed actually carries a signature before it is sent.
 *
 * @param signature the signature to compute; may be {@code null}, in which case nothing happens
 * @throws WSSecurityException with {@code ErrorCode.FAILURE} if the signing operation fails
 */
private static void signObject(Signature signature) throws WSSecurityException {
    if (signature == null) {
        return;
    }

    final Thread current = Thread.currentThread();
    final ClassLoader previousLoader = current.getContextClassLoader();
    try {
        // Presumably needed so the signer's provider lookup resolves in containers where the
        // caller's context class loader cannot see it (e.g. OSGi); confirm.
        current.setContextClassLoader(SignerProvider.class.getClassLoader());
        Signer.signObject(signature);
    } catch (SignatureException signingFailure) {
        throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, signingFailure, "empty",
                                      new Object[] {"Error signing a SAML assertion"});
    } finally {
        // Always restore the caller's loader, including when signing fails.
        current.setContextClassLoader(previousLoader);
    }
}
/**
 * Creates a signature element for {@code signableObj}, attaches it, and computes the signature
 * using {@code signingCredential} and {@code signatureAlgorithm}.
 *
 * <p>Only null checks are applied to the arguments: the algorithm identifier is used exactly as
 * supplied, so restricting it to approved algorithms is left to the caller. The reference digest
 * method is not configured here and therefore comes from the library default
 * (NOTE(review): verify which digest that is for the deployed OpenSAML version).
 *
 * @param signableObj the SAML object to be signed; must not be {@code null}
 * @param signingCredential the credential that provides the signing key; must not be {@code null}
 * @param signatureAlgorithm the signature algorithm identifier; must not be {@code null}
 * @throws SamlException if generating the key info or signing the object fails
 */
static void sign(SignableSAMLObject signableObj, Credential signingCredential,
                 String signatureAlgorithm) {
    requireNonNull(signableObj, "signableObj");
    requireNonNull(signingCredential, "signingCredential");
    requireNonNull(signatureAlgorithm, "signatureAlgorithm");

    final Signature newSignature = signatureBuilder.buildObject();
    newSignature.setSignatureAlgorithm(signatureAlgorithm);
    newSignature.setSigningCredential(signingCredential);
    // Comments are omitted from the canonical form, so they are not covered by the signature.
    newSignature.setCanonicalizationAlgorithm(ALGO_ID_C14N_EXCL_OMIT_COMMENTS);

    try {
        newSignature.setKeyInfo(keyInfoGenerator.generate(signingCredential));
    } catch (SecurityException cause) {
        // NOTE(review): likely the OpenSAML SecurityException, not java.lang's; check imports.
        throw new SamlException("failed to create a key info of signing credential", cause);
    }

    // Attach, serialize, then sign, in that order. serialize() presumably marshals the object
    // so that the attached signature has an XML representation to be computed over.
    signableObj.setSignature(newSignature);
    serialize(signableObj);

    try {
        Signer.signObject(newSignature);
    } catch (SignatureException cause) {
        throw new SamlException("failed to sign a SAML object", cause);
    }
}
/**
 * Attaches a new XML signature to {@code signable} and signs it with the credential resolved
 * from {@code key}, using the caller-supplied signature and digest algorithms.
 *
 * <p>{@code algorithm} and {@code digest} are applied through {@code toString()} without any
 * check in this method; presumably these types render as algorithm URIs (confirm). Rejecting
 * weak choices therefore has to happen where the values are configured. None of the arguments
 * is null-checked here.
 *
 * @param signable the SAML object to sign
 * @param key the key from which the signing credential is resolved
 * @param algorithm the signature algorithm to use
 * @param digest the reference digest method to use
 * @throws SamlKeyException if preparing the signature parameters, marshalling, or signing fails
 */
public void signObject(SignableSAMLObject signable, SimpleKey key, AlgorithmMethod algorithm,
                       DigestMethod digest) {
    KeyStoreCredentialResolver credentialResolver = getCredentialsResolver(key);
    Credential signingCredential = getCredential(key, credentialResolver);

    // Unchecked cast: the builder factory is looked up by the Signature element name.
    XMLObjectBuilder<org.opensaml.xmlsec.signature.Signature> builder =
        (XMLObjectBuilder<org.opensaml.xmlsec.signature.Signature>) getBuilderFactory()
            .getBuilder(org.opensaml.xmlsec.signature.Signature.DEFAULT_ELEMENT_NAME);
    org.opensaml.xmlsec.signature.Signature xmlSignature =
        builder.buildObject(org.opensaml.xmlsec.signature.Signature.DEFAULT_ELEMENT_NAME);
    signable.setSignature(xmlSignature);

    SignatureSigningParameters signingParams = new SignatureSigningParameters();
    signingParams.setSigningCredential(signingCredential);
    signingParams.setKeyInfoGenerator(getKeyInfoGenerator(signingCredential));
    signingParams.setSignatureAlgorithm(algorithm.toString());
    signingParams.setSignatureReferenceDigestMethod(digest.toString());
    // Exclusive C14N without comments: XML comments are left out of the signed canonical form.
    signingParams.setSignatureCanonicalizationAlgorithm(
        CanonicalizationMethod.ALGO_ID_C14N_EXCL_OMIT_COMMENTS.toString()
    );

    try {
        SignatureSupport.prepareSignatureParams(xmlSignature, signingParams);
        // The object is marshalled before Signer.signObject is invoked on its signature.
        XMLObjectProviderRegistrySupport.getMarshallerFactory()
            .getMarshaller(signable)
            .marshall(signable);
        Signer.signObject(xmlSignature);
    } catch (SecurityException | MarshallingException | SignatureException cause) {
        throw new SamlKeyException(cause);
    }
}