/**
 * Attaches a new {@link Signature} to the assertion and computes it with the supplied credential.
 *
 * <p>The steps run in a fixed order: build the signature object, bind the credential, prepare the
 * signature parameters, attach the signature to the assertion, marshal the assertion, and finally
 * sign.</p>
 *
 * @param assertion the assertion to sign; it is marshalled as part of this call
 * @param credential the credential set as the signing credential
 * @throws SecurityException declared for failures while preparing the signature parameters
 * @throws MarshallingException declared for failures while marshalling the assertion
 * @throws SignatureException declared for failures while computing the signature
 */
private void signAssertion(Assertion assertion, Credential credential)
        throws SecurityException, MarshallingException, SignatureException {
    final SignatureBuilder sigBuilder =
            (SignatureBuilder) builderFactory.getBuilder(Signature.DEFAULT_ELEMENT_NAME);
    final Signature assertionSignature = sigBuilder.buildObject();
    assertionSignature.setSigningCredential(credential);

    // NOTE(review): both optional arguments are null, so the signature and digest algorithms are
    // presumably taken from the library's global security configuration. Confirm that this
    // configuration selects SHA-256 or stronger; older OpenSAML 2.x defaults used SHA-1.
    SecurityHelper.prepareSignatureParams(assertionSignature, credential, null, null);

    assertion.setSignature(assertionSignature);

    // The assertion is marshalled before Signer runs; keep this order.
    Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(assertion);
    Signer.signObject(assertionSignature);
}
/**
 * Signs each of the given signatures, in list order.
 *
 * <p>Signing stops at the first failure: signatures earlier in the list have already been
 * computed, later ones are left untouched.</p>
 *
 * @param xmlObjects an ordered list of {@link Signature} objects to be signed
 * @throws SignatureException thrown if there is an error computing a signature
 */
public static void signObjects(List<Signature> xmlObjects) throws SignatureException {
    for (final Signature pending : xmlObjects) {
        signObject(pending);
    }
}
/**
 * {@inheritDoc}
 *
 * <p>The new value is not stored directly: it is passed, together with the current value, through
 * {@code prepareForAssignment}, and whatever that returns becomes the stored signature.</p>
 */
public void setSignature(Signature newSignature) {
    this.signature = prepareForAssignment(this.signature, newSignature);
}
}
/**
 * Checks whether the specified {@link DSAKeyValue} element carries all of the optional DSA
 * values (G, P and Q) which can be shared amongst many keys in a DSA "key family" and are
 * otherwise presumed to be known from context.
 *
 * <p>This is a presence check only: each value must be non-null and non-empty. The values are
 * not validated as DSA parameters.</p>
 *
 * @param keyDescriptor the {@link DSAKeyValue} element to check
 * @return true if all parameters are present and non-empty, false otherwise
 */
public static boolean hasCompleteDSAParams(DSAKeyValue keyDescriptor) {
    // Evaluated left to right with short-circuiting: G, then P, then Q.
    return keyDescriptor.getG() != null
            && !DatatypeHelper.isEmpty(keyDescriptor.getG().getValue())
            && keyDescriptor.getP() != null
            && !DatatypeHelper.isEmpty(keyDescriptor.getP().getValue())
            && keyDescriptor.getQ() != null
            && !DatatypeHelper.isEmpty(keyDescriptor.getQ().getValue());
}
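/**
 * Builds an RSA key from an {@link RSAKeyValue} element.
 *
 * <p>An element that lacks its Modulus or Exponent child, or whose values do not yield a number,
 * is rejected with a {@link KeyException} instead of surfacing as a
 * {@link NullPointerException}. Key descriptors normally originate from received XML, so a
 * malformed one is an input error that callers already handle through {@link KeyException}.</p>
 *
 * <p>No key-size or exponent policy is applied here, and building the key says nothing about
 * whether it is trusted; both remain the caller's responsibility.</p>
 *
 * @param keyDescriptor the {@link RSAKeyValue} key descriptor
 *
 * @return a new {@link RSAPublicKey} instance of {@link PublicKey}
 *
 * @throws KeyException thrown if the key algorithm is not supported by the JCE or the key spec does not
 *             contain valid information
 */
public static PublicKey getRSAKey(RSAKeyValue keyDescriptor) throws KeyException {
    if (keyDescriptor.getModulus() == null || keyDescriptor.getExponent() == null) {
        throw new KeyException("RSAKeyValue element is missing its Modulus or Exponent child");
    }

    BigInteger modulus = keyDescriptor.getModulus().getValueBigInt();
    BigInteger exponent = keyDescriptor.getExponent().getValueBigInt();
    // Guard against a child element that is present but carries no usable value.
    if (modulus == null || exponent == null) {
        throw new KeyException("RSAKeyValue element has an empty Modulus or Exponent value");
    }

    RSAPublicKeySpec keySpec = new RSAPublicKeySpec(modulus, exponent);
    return buildKey(keySpec, "RSA");
}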
/**
 * {@inheritDoc}
 *
 * <p>Routes a {@link Modulus} or {@link Exponent} child to the matching setter of the parent
 * {@link RSAKeyValue}; any other child is handed to the superclass.</p>
 */
protected void processChildElement(XMLObject parentXMLObject, XMLObject childXMLObject)
        throws UnmarshallingException {
    final RSAKeyValue rsaKeyValue = (RSAKeyValue) parentXMLObject;

    if (childXMLObject instanceof Modulus) {
        rsaKeyValue.setModulus((Modulus) childXMLObject);
        return;
    }
    if (childXMLObject instanceof Exponent) {
        rsaKeyValue.setExponent((Exponent) childXMLObject);
        return;
    }

    // Not an RSA key component: defer to the superclass handling.
    super.processChildElement(parentXMLObject, childXMLObject);
}
/**
 * {@inheritDoc}
 *
 * <p>A {@link Transforms} child is stored on the parent {@link RetrievalMethod}; any other child
 * is handed to the superclass.</p>
 */
protected void processChildElement(XMLObject parentXMLObject, XMLObject childXMLObject)
        throws UnmarshallingException {
    final RetrievalMethod retrievalMethod = (RetrievalMethod) parentXMLObject;

    if (!(childXMLObject instanceof Transforms)) {
        super.processChildElement(parentXMLObject, childXMLObject);
        return;
    }

    retrievalMethod.setTransforms((Transforms) childXMLObject);
}
/**
 * Extracts the {@link DSAKeyValue} from the passed XML object.
 *
 * @param xmlObject an XML object, presumably either a {@link KeyValue} or a {@link DSAKeyValue}
 * @return the object itself when it is a {@link DSAKeyValue}, the value returned by
 *         {@link KeyValue#getDSAKeyValue()} when it is a {@link KeyValue}, otherwise null
 */
protected DSAKeyValue getDSAKeyValue(XMLObject xmlObject) {
    // instanceof is false for null, so a null argument falls through to the final return.
    if (xmlObject instanceof DSAKeyValue) {
        return (DSAKeyValue) xmlObject;
    } else if (xmlObject instanceof KeyValue) {
        final KeyValue wrapper = (KeyValue) xmlObject;
        return wrapper.getDSAKeyValue();
    }
    return null;
}
}
/**
 * {@inheritDoc}
 *
 * <p>Writes the {@link DigestMethod} algorithm onto the DOM element as a no-namespace attribute
 * when one is set. The value is written as-is: nothing here restricts which digest algorithm is
 * named, so algorithm policy has to be enforced elsewhere.</p>
 */
protected void marshallAttributes(XMLObject xmlObject, Element domElement) throws MarshallingException {
    final String algorithmUri = ((DigestMethod) xmlObject).getAlgorithm();
    if (algorithmUri == null) {
        // No algorithm set: leave the element without the attribute.
        return;
    }
    domElement.setAttributeNS(null, DigestMethod.ALGORITHM_ATTRIB_NAME, algorithmUri);
}
/**
 * {@inheritDoc}
 *
 * <p>Appends the child to the parent {@link X509Data}'s child list without inspecting its type.
 * Code that later reads that list therefore has to select the element types it is prepared to
 * handle.</p>
 */
protected void processChildElement(XMLObject parentXMLObject, XMLObject childXMLObject)
        throws UnmarshallingException {
    // X509Data holds a range of specific child types but also supports <any>, as an unbounded,
    // unordered choice over all of them, so children are not told apart here.
    ((X509Data) parentXMLObject).getXMLObjects().add(childXMLObject);
}
/**
 * {@inheritDoc}
 *
 * <p>Appends the child to the parent {@link KeyInfoType}'s child list without inspecting its
 * type. Code that later reads that list therefore has to select the element types it is prepared
 * to handle.</p>
 */
protected void processChildElement(XMLObject parentXMLObject, XMLObject childXMLObject)
        throws UnmarshallingException {
    // KeyInfoType holds a range of specific child types but also supports <any>, as an
    // unbounded, unordered choice over all of them, so children are not told apart here.
    ((KeyInfoType) parentXMLObject).getXMLObjects().add(childXMLObject);
}
/**
 * {@inheritDoc}
 *
 * <p>Writes the {@link KeyInfoType} ID, when set, as a no-namespace attribute and registers that
 * attribute as an ID attribute on the DOM element.</p>
 */
protected void marshallAttributes(XMLObject xmlObject, Element domElement) throws MarshallingException {
    final String id = ((KeyInfoType) xmlObject).getID();
    if (id == null) {
        return;
    }

    domElement.setAttributeNS(null, KeyInfoType.ID_ATTRIB_NAME, id);
    // Declare the attribute as ID-typed so that DOM ID lookups can locate this element;
    // same-document references by ID depend on that registration.
    domElement.setIdAttributeNS(null, KeyInfoType.ID_ATTRIB_NAME, true);
}
/**
 * {@inheritDoc}
 *
 * <p>Writes the {@link ECKeyValue} ID, when set, as a no-namespace attribute and registers that
 * attribute as an ID attribute on the DOM element.</p>
 */
protected void marshallAttributes(XMLObject xmlObject, Element domElement) throws MarshallingException {
    final String id = ((ECKeyValue) xmlObject).getID();
    if (id == null) {
        return;
    }

    domElement.setAttributeNS(null, ECKeyValue.ID_ATTRIB_NAME, id);
    // Declare the attribute as ID-typed so that DOM ID lookups can locate this element;
    // same-document references by ID depend on that registration.
    domElement.setIdAttributeNS(null, ECKeyValue.ID_ATTRIB_NAME, true);
}
// Fragment of a signing routine; the enclosing method's signature is not shown.
// The key manager obtained for this configuration supplies the signing credential below.
KeyManager keyManager = SamlKeyManagerFactory.getKeyManager(config);
SignatureBuilder signatureBuilder = (SignatureBuilder) builderFactory.getBuilder(Signature.DEFAULT_ELEMENT_NAME);
Signature signature = signatureBuilder.buildObject();
// NOTE(review): the default credential is used without a null check; confirm that the key
// manager always returns one, otherwise the failure surfaces later and less clearly.
final Credential defaultCredential = keyManager.getDefaultCredential();
signature.setSigningCredential(defaultCredential);
// NOTE(review): both optional arguments are null, so the signature and digest algorithms are
// presumably taken from the library's global security configuration. Confirm that it selects
// SHA-256 or stronger; older OpenSAML 2.x defaults used SHA-1.
SecurityHelper.prepareSignatureParams(signature, defaultCredential, null, null);
assertion.setSignature(signature);
// The assertion is marshalled before Signer runs; keep this order.
Marshaller marshaller = Configuration.getMarshallerFactory().getMarshaller(assertion);
marshaller.marshall(assertion);
Signer.signObject(signature);
return assertion;
/**
 * Signs each of the given signatures, in list order.
 *
 * <p>Signing stops at the first failure: signatures earlier in the list have already been
 * computed, later ones are left untouched.</p>
 *
 * @param xmlObjects an ordered list of {@link Signature} objects to be signed
 * @throws SignatureException thrown if there is an error computing a signature
 */
public static void signObjects(List<Signature> xmlObjects) throws SignatureException {
    for (final Signature pending : xmlObjects) {
        signObject(pending);
    }
}
/**
 * Checks whether the specified {@link DSAKeyValue} element carries all of the optional DSA
 * values (G, P and Q) which can be shared amongst many keys in a DSA "key family" and are
 * otherwise presumed to be known from context.
 *
 * <p>This is a presence check only: each value must be non-null and non-empty. The values are
 * not validated as DSA parameters.</p>
 *
 * @param keyDescriptor the {@link DSAKeyValue} element to check
 * @return true if all parameters are present and non-empty, false otherwise
 */
public static boolean hasCompleteDSAParams(DSAKeyValue keyDescriptor) {
    // Evaluated left to right with short-circuiting: G, then P, then Q.
    return keyDescriptor.getG() != null
            && !DatatypeHelper.isEmpty(keyDescriptor.getG().getValue())
            && keyDescriptor.getP() != null
            && !DatatypeHelper.isEmpty(keyDescriptor.getP().getValue())
            && keyDescriptor.getQ() != null
            && !DatatypeHelper.isEmpty(keyDescriptor.getQ().getValue());
}
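/**
 * Builds an RSA key from an {@link RSAKeyValue} element.
 *
 * <p>An element that lacks its Modulus or Exponent child, or whose values do not yield a number,
 * is rejected with a {@link KeyException} instead of surfacing as a
 * {@link NullPointerException}. Key descriptors normally originate from received XML, so a
 * malformed one is an input error that callers already handle through {@link KeyException}.</p>
 *
 * <p>No key-size or exponent policy is applied here, and building the key says nothing about
 * whether it is trusted; both remain the caller's responsibility.</p>
 *
 * @param keyDescriptor the {@link RSAKeyValue} key descriptor
 *
 * @return a new {@link RSAPublicKey} instance of {@link PublicKey}
 *
 * @throws KeyException thrown if the key algorithm is not supported by the JCE or the key spec does not
 *             contain valid information
 */
public static PublicKey getRSAKey(RSAKeyValue keyDescriptor) throws KeyException {
    if (keyDescriptor.getModulus() == null || keyDescriptor.getExponent() == null) {
        throw new KeyException("RSAKeyValue element is missing its Modulus or Exponent child");
    }

    BigInteger modulus = keyDescriptor.getModulus().getValueBigInt();
    BigInteger exponent = keyDescriptor.getExponent().getValueBigInt();
    // Guard against a child element that is present but carries no usable value.
    if (modulus == null || exponent == null) {
        throw new KeyException("RSAKeyValue element has an empty Modulus or Exponent value");
    }

    RSAPublicKeySpec keySpec = new RSAPublicKeySpec(modulus, exponent);
    return buildKey(keySpec, "RSA");
}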
/**
 * {@inheritDoc}
 *
 * <p>The new value is not stored directly: it is passed, together with the current value, through
 * {@code prepareForAssignment}, and whatever that returns becomes the stored signature.</p>
 */
public void setSignature(Signature newSignature) {
    this.signature = prepareForAssignment(this.signature, newSignature);
}
}
/**
 * {@inheritDoc}
 *
 * <p>Writes the {@link DigestMethod} algorithm onto the DOM element as a no-namespace attribute
 * when one is set. The value is written as-is: nothing here restricts which digest algorithm is
 * named, so algorithm policy has to be enforced elsewhere.</p>
 */
protected void marshallAttributes(XMLObject xmlObject, Element domElement) throws MarshallingException {
    final String algorithmUri = ((DigestMethod) xmlObject).getAlgorithm();
    if (algorithmUri == null) {
        // No algorithm set: leave the element without the attribute.
        return;
    }
    domElement.setAttributeNS(null, DigestMethod.ALGORITHM_ATTRIB_NAME, algorithmUri);
}
/**
 * Computes the given signature, translating a signing failure into {@link WSSecurityException}.
 *
 * <p>A null argument is silently ignored and nothing is signed. A caller that requires a signed
 * assertion must therefore check for a signature itself rather than rely on this method
 * returning normally.</p>
 *
 * @param signature the signature to compute, or null to do nothing
 * @throws WSSecurityException if the underlying signer reports a {@link SignatureException};
 *             the original exception is kept as the cause
 */
private static void signObject(Signature signature) throws WSSecurityException {
    if (signature == null) {
        return;
    }

    try {
        Signer.signObject(signature);
    } catch (SignatureException signingFailure) {
        throw new WSSecurityException("Error signing a SAML assertion", signingFailure);
    }
}