本文整理汇总了Java中org.opensaml.xmlsec.signature.Signature类的典型用法代码示例。如果您正苦于以下问题:Java Signature类的具体用法?Java Signature怎么用?Java Signature使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
Signature类属于org.opensaml.xmlsec.signature包,在下文中一共展示了Signature类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: setSignature
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Attaches an XML Digital Signature to a SAML 2.0 request and computes its value.
 *
 * <p>The {@link Signature} object is set on the request before the request is marshalled; the
 * signature value itself is computed afterwards by {@code Signer.signObjects}.
 *
 * <p>NOTE(review): {@code signatureAlgorithm} is handed to the signature object unchecked. It is
 * presumably an XML-DSig algorithm URI; confirm that callers do not pass a SHA-1 based one.
 *
 * @param request            the SAML 2.0 request to sign
 * @param signatureAlgorithm the algorithm used to compute the signature
 * @param credential         the signing credential
 * @return the same request instance, now carrying the signature
 * @throws SSOException if marshalling or signing the request fails
 */
public static RequestAbstractType setSignature(RequestAbstractType request, String signatureAlgorithm,
        X509Credential credential) throws SSOException {
    try {
        Signature requestSignature = setSignatureRaw(signatureAlgorithm, credential);
        request.setSignature(requestSignature);

        List<Signature> pendingSignatures = new ArrayList<>();
        pendingSignatures.add(requestSignature);

        // The request is marshalled with its signature element attached, before signing.
        // NOTE(review): when no marshaller is registered the request is left unmarshalled and
        // signing is still attempted; confirm how Signer behaves in that case.
        Marshaller requestMarshaller =
                XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(request);
        if (requestMarshaller != null) {
            requestMarshaller.marshall(request);
        }

        // Initialise the XML security library, then sign in list order.
        Init.init();
        Signer.signObjects(pendingSignatures);
        return request;
    } catch (MarshallingException | SignatureException e) {
        throw new SSOException("Error while signing the SAML 2.0 Request message", e);
    }
}
示例2: verifySamlProfileRequestIfNeeded
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Validates the signature of a SAML profile request.
 *
 * <p>When the request carries an embedded XML signature it is validated through
 * {@code validateSignatureOnProfileRequest}; otherwise validation is delegated to
 * {@code validateSignatureOnAuthenticationRequest}, which also receives the HTTP request and
 * the message context.
 *
 * <p>NOTE(review): whether an entirely unsigned request is rejected is decided inside
 * {@code validateSignatureOnAuthenticationRequest}, which is not shown here. Verify that path
 * fails closed when a signature is required.
 *
 * @param profileRequest the SAML request to check
 * @param resolver       the metadata resolver used to obtain the role descriptor resolver
 * @param request        the HTTP servlet request
 * @param context        the message context
 * @throws Exception if validation fails
 */
public void verifySamlProfileRequestIfNeeded(final RequestAbstractType profileRequest,
                                             final MetadataResolver resolver,
                                             final HttpServletRequest request,
                                             final MessageContext context) throws Exception {
    final RoleDescriptorResolver descriptorResolver = getRoleDescriptorResolver(resolver, context, profileRequest);
    LOGGER.debug("Validating signature for [{}]", profileRequest.getClass().getName());

    final Signature embeddedSignature = profileRequest.getSignature();
    if (embeddedSignature == null) {
        // No signature element inside the message: hand over to the request-level check.
        validateSignatureOnAuthenticationRequest(profileRequest, request, context, descriptorResolver);
        return;
    }
    validateSignatureOnProfileRequest(profileRequest, embeddedSignature, descriptorResolver);
}
示例3: validateSignatureOnProfileRequest
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Validates an embedded signature on a SAML profile request in two steps: a profile check of
 * the signature element, then a validation against the resolved signing credential.
 *
 * @param profileRequest         the request that carries the signature
 * @param signature              the signature taken from the request
 * @param roleDescriptorResolver resolver used to look up the signing credential
 * @throws Exception if either validation step fails or no credential can be resolved
 */
private void validateSignatureOnProfileRequest(final RequestAbstractType profileRequest,
                                               final Signature signature,
                                               final RoleDescriptorResolver roleDescriptorResolver) throws Exception {
    // Step 1: profile validation. No key is involved here, so the "Successfully validated
    // profile signature" message below does not yet mean the signature value was verified.
    final SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
    LOGGER.debug("Validating profile signature for [{}] via [{}]...", profileRequest.getIssuer(),
        profileValidator.getClass().getSimpleName());
    profileValidator.validate(signature);
    LOGGER.debug("Successfully validated profile signature for [{}].", profileRequest.getIssuer());

    // Step 2: validate against the credential resolved for this request; a missing
    // credential is a hard failure rather than a skipped check.
    final Credential signingCredential = getSigningCredential(roleDescriptorResolver, profileRequest);
    if (signingCredential == null) {
        throw new SamlException("Signing credential for validation could not be resolved");
    }
    LOGGER.debug("Validating signature using credentials for [{}]", signingCredential.getEntityId());
    SignatureValidator.validate(signature, signingCredential);
    LOGGER.info("Successfully validated the request signature.");
}
示例4: getDigestMethodAlgorithm
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Returns the JCE name of the digest algorithm used by the first reference of a signature.
 *
 * <p>Only the reference at index 0 is inspected. The result is informational: nothing here
 * verifies the signature.
 *
 * @param signature the signature to inspect; an empty Optional yields {@code null}
 * @return the JCE digest algorithm string, or {@code null} when it cannot be determined
 */
private static String getDigestMethodAlgorithm(final Optional<Signature> signature) {
    if (!signature.isPresent()) {
        return null;
    }
    // NOTE(review): the cast assumes the OpenSAML implementation class; any other Signature
    // implementation would fail here with a ClassCastException.
    final XMLSignature apacheSignature = ((SignatureImpl) signature.get()).getXMLSignature();
    if (apacheSignature == null) {
        return null;
    }
    final SignedInfo info = apacheSignature.getSignedInfo();
    try {
        if (info == null || info.getLength() == 0 || info.item(0) == null) {
            return null;
        }
        final MessageDigestAlgorithm digest = info.item(0).getMessageDigestAlgorithm();
        if (digest != null) {
            return digest.getJCEAlgorithmString();
        }
    } catch (XMLSecurityException e) {
        // Best effort: the failure is logged and reported as "unknown" (null).
        LOG.debug(format("Error getting message digest algorithm: {0}", e));
    }
    return null;
}
示例5: setSignatureRaw
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Builds an unsigned {@link Signature} object configured with the signing credential, the
 * requested signature algorithm, exclusive canonicalization without comments, and a KeyInfo
 * holding the credential's entity certificate.
 *
 * <p>No signature value is computed here.
 *
 * <p>NOTE(review): the certificate embedded in KeyInfo travels with the message. A receiver
 * should still check the signature against a key it already trusts rather than the embedded
 * one; confirm the verifying side does so.
 *
 * @param signatureAlgorithm the algorithm used to compute the signature
 * @param credential         the signing credential
 * @return the configured signature object
 * @throws SSOException if the entity certificate cannot be encoded
 */
private static Signature setSignatureRaw(String signatureAlgorithm, X509Credential credential) throws SSOException {
    Signature built = (Signature) buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
    built.setSigningCredential(credential);
    built.setSignatureAlgorithm(signatureAlgorithm);
    built.setCanonicalizationAlgorithm(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    try {
        KeyInfo keyInfo = (KeyInfo) buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
        X509Data x509Data = (X509Data) buildXMLObject(X509Data.DEFAULT_ELEMENT_NAME);
        X509Certificate certElement = (X509Certificate) buildXMLObject(X509Certificate.DEFAULT_ELEMENT_NAME);

        // Base64 of the DER-encoded entity certificate becomes the element value.
        certElement.setValue(
                org.apache.xml.security.utils.Base64.encode(credential.getEntityCertificate().getEncoded()));

        x509Data.getX509Certificates().add(certElement);
        keyInfo.getX509Datas().add(x509Data);
        built.setKeyInfo(keyInfo);
        return built;
    } catch (CertificateEncodingException e) {
        throw new SSOException("Error getting certificate", e);
    }
}
示例6: addDeflateSignatureToHTTPQueryString
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
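/**
 * Appends the {@code SigAlg} and {@code Signature} parameters to an HTTP query string.
 *
 * <p>The signature is computed over the UTF-8 bytes of the query string as it stands after
 * {@code SigAlg} has been appended, so the caller must pass the string in its final form.
 * This method does not deflate or encode the message itself.
 *
 * <p>The signature uses RSA with SHA-256. SHA-1 based signatures are no longer considered
 * collision resistant, so the advertised {@code SigAlg} URI and the JCA algorithm are both
 * the SHA-256 variants and must always be changed together.
 * NOTE(review): a peer configured to accept only rsa-sha1 would need its configuration updated.
 *
 * @param httpQueryString the query string to sign; modified in place
 * @param credential      the credential whose private key signs the query string
 * @throws SSOException if an error occurs while applying the SAML 2.0 Redirect binding signature
 */
public static void addDeflateSignatureToHTTPQueryString(StringBuilder httpQueryString, X509Credential credential)
        throws SSOException {
    try {
        // SigAlg is appended first because it is part of the signed content.
        httpQueryString.append("&SigAlg=").
                append(URLEncoder.encode(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256,
                        StandardCharsets.UTF_8.name()).trim());

        // Must match the algorithm URI advertised in SigAlg above.
        java.security.Signature signature = java.security.Signature.getInstance("SHA256withRSA");
        signature.initSign(credential.getPrivateKey());
        signature.update(httpQueryString.toString().getBytes(StandardCharsets.UTF_8));
        byte[] signatureByteArray = signature.sign();

        String signatureBase64EncodedString = Base64Support.encode(signatureByteArray, false);
        httpQueryString.append("&Signature=").
                append(URLEncoder.encode(signatureBase64EncodedString, StandardCharsets.UTF_8.name()).trim());
    } catch (NoSuchAlgorithmException | InvalidKeyException |
            java.security.SignatureException | UnsupportedEncodingException e) {
        throw new SSOException("Error applying SAML 2.0 Redirect Binding signature", e);
    }
}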
示例7: createCountryEntityDescriptor
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Builds an entity descriptor for the given entity ID, with an IDP SSO descriptor holding one
 * signing key descriptor and with the signature produced by {@code createSignature()}.
 *
 * <p>NOTE(review): the key descriptor uses {@code TEST_PUBLIC_CERT}, so this is presumably a
 * test fixture; confirm it is not reachable from production code.
 *
 * @param entityID the entity ID of the descriptor
 * @return the built entity descriptor
 */
public static EntityDescriptor createCountryEntityDescriptor(String entityID) {
    Signature descriptorSignature = createSignature();
    KeyDescriptor signingKeyDescriptor =
            KeyDescriptorBuilder.aKeyDescriptor().withX509ForSigning(TEST_PUBLIC_CERT).build();
    IDPSSODescriptor idpDescriptor = IdpSsoDescriptorBuilder
            .anIdpSsoDescriptor()
            .addKeyDescriptor(signingKeyDescriptor)
            .build();
    try {
        return getEntityDescriptor(entityID, idpDescriptor, descriptorSignature);
    } catch (MarshallingException | SignatureException e) {
        // Checked failures are rethrown through Guava's Throwables.propagate.
        throw Throwables.propagate(e);
    }
}
示例8: getEntityDescriptor
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Assembles an entity descriptor from an entity ID, an IDP SSO descriptor and a signature.
 *
 * @param entityID                  the entity ID to set
 * @param idpssoDescriptor          the IDP SSO descriptor to attach
 * @param entityDescriptorSignature the signature to attach
 * @return the built entity descriptor
 * @throws MarshallingException declared by the builder chain
 * @throws SignatureException   declared by the builder chain
 */
private static EntityDescriptor getEntityDescriptor(
        String entityID,
        IDPSSODescriptor idpssoDescriptor,
        Signature entityDescriptorSignature) throws MarshallingException, SignatureException {
    final EntityDescriptor descriptor = EntityDescriptorBuilder.anEntityDescriptor()
            .withEntityId(entityID)
            .withIdpSsoDescriptor(idpssoDescriptor)
            .withSignature(entityDescriptorSignature)
            .build();
    return descriptor;
}
示例9: createSignature
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Builds a signature from the metadata-signing "A" certificate and private key constants.
 *
 * <p>NOTE(review): the private key comes from a constant and the credential from a
 * {@code TestCredentialFactory}, so this is presumably test-only material; confirm the key is
 * never used outside tests.
 *
 * @return the built signature
 */
private static Signature createSignature() {
    Credential signingCredential =
            new TestCredentialFactory(METADATA_SIGNING_A_PUBLIC_CERT, METADATA_SIGNING_A_PRIVATE_KEY)
                    .getSigningCredential();
    return SignatureBuilder.aSignature()
            .withSigningCredential(signingCredential)
            .withX509Data(METADATA_SIGNING_A_PUBLIC_CERT)
            .build();
}
示例10: probeResponseForMethodAlgorithm
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Logs the signature and digest algorithms found on an inbound IdP response.
 *
 * <p>NOTE(review): the guard below tests the Optional reference for {@code null}, not for
 * presence, so a response with an empty Optional still reaches the helpers and the log call.
 * Confirm whether {@code isPresent()} was intended.
 *
 * @param response the inbound response; {@code null} is ignored
 */
public static void probeResponseForMethodAlgorithm(final InboundResponseFromIdp response) {
    if (response == null) {
        return;
    }
    final Optional<Signature> maybeSignature = response.getSignature();
    if (maybeSignature == null) {
        return;
    }
    final String signatureAlgorithm = getSignatureMethodAlgorithm(maybeSignature);
    final String digestAlgorithm = getDigestMethodAlgorithm(maybeSignature);
    logMethodAlgorithm(Role.IDP, signatureAlgorithm, digestAlgorithm, Response.DEFAULT_ELEMENT_LOCAL_NAME);
}
示例11: probeAssertionForMethodAlgorithm
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Logs the signature and digest algorithms found on an assertion.
 *
 * <p>The log label is {@code typeOfAssertion} followed by the assertion element's local name.
 *
 * @param assertion       the assertion to inspect; {@code null} is ignored
 * @param typeOfAssertion prefix for the log label
 */
public static void probeAssertionForMethodAlgorithm(final Assertion assertion, final String typeOfAssertion) {
    final String logLabel = typeOfAssertion + Assertion.DEFAULT_ELEMENT_LOCAL_NAME;
    if (assertion == null) {
        return;
    }
    // Optional.ofNullable never returns null, so the helpers and the log call run for unsigned
    // assertions as well, receiving an empty Optional.
    // NOTE(review): confirm that logging for unsigned assertions is intended.
    final Optional<Signature> maybeSignature = Optional.ofNullable(assertion.getSignature());
    final String signatureAlgorithm = getSignatureMethodAlgorithm(maybeSignature);
    final String digestAlgorithm = getDigestMethodAlgorithm(maybeSignature);
    logMethodAlgorithm(Role.IDP, signatureAlgorithm, digestAlgorithm, logLabel);
}
示例12: probeAuthnRequestForMethodAlgorithm
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Logs the signature and digest algorithms found on a relying party's AuthnRequest.
 *
 * <p>NOTE(review): the Optional is compared with {@code null} rather than tested for presence,
 * so an unsigned request with an empty Optional is still passed to the helpers. Confirm
 * whether {@code isPresent()} was intended.
 *
 * @param authnRequest the request to inspect; {@code null} is ignored
 */
public static void probeAuthnRequestForMethodAlgorithm(final AuthnRequestFromRelyingParty authnRequest) {
    if (authnRequest == null) {
        return;
    }
    final Optional<Signature> maybeSignature = authnRequest.getSignature();
    if (maybeSignature == null) {
        return;
    }
    logMethodAlgorithm(
            Role.SP,
            getSignatureMethodAlgorithm(maybeSignature),
            getDigestMethodAlgorithm(maybeSignature),
            AuthnRequest.DEFAULT_ELEMENT_LOCAL_NAME);
}
示例13: getEntityDescriptor
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Builds an entity descriptor carrying the given entity ID, IDP SSO descriptor and signature.
 *
 * @param entityID                  the entity ID to set
 * @param idpssoDescriptor          the IDP SSO descriptor to attach
 * @param entityDescriptorSignature the signature to attach
 * @return the built entity descriptor
 * @throws MarshallingException declared by the builder chain
 * @throws SignatureException   declared by the builder chain
 */
private static EntityDescriptor getEntityDescriptor(
        String entityID,
        IDPSSODescriptor idpssoDescriptor,
        Signature entityDescriptorSignature)
        throws MarshallingException, SignatureException {
    final EntityDescriptor result = EntityDescriptorBuilder
            .anEntityDescriptor()
            .withEntityId(entityID)
            .withIdpSsoDescriptor(idpssoDescriptor)
            .withSignature(entityDescriptorSignature)
            .build();
    return result;
}
示例14: createSignature
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Builds a signature whose signing credential and X509 data both come from the
 * metadata-signing "A" constants.
 *
 * <p>NOTE(review): the key material is held in constants and loaded through a
 * {@code TestCredentialFactory}; presumably test-only. Confirm it never signs real metadata.
 *
 * @return the built signature
 */
private static Signature createSignature() {
    final String signingCert = METADATA_SIGNING_A_PUBLIC_CERT;
    final String signingKey = METADATA_SIGNING_A_PRIVATE_KEY;
    final TestCredentialFactory credentialFactory = new TestCredentialFactory(signingCert, signingKey);
    final Credential signingCredential = credentialFactory.getSigningCredential();
    return SignatureBuilder.aSignature()
            .withSigningCredential(signingCredential)
            .withX509Data(signingCert)
            .build();
}
示例15: createSignature
import org.opensaml.xmlsec.signature.Signature; //导入依赖的package包/类
/**
 * Creates a signature through a {@code SignatureFactory} configured with RSA-SHA256 as the
 * signature algorithm and SHA-256 as the digest algorithm.
 *
 * <p>The key pair is assembled from the {@code signingKey} field and the public key derived
 * from it; the key store is given an empty second argument.
 *
 * @return the signature produced by the factory
 */
private Signature createSignature() {
    // Public half is derived from the private key rather than loaded separately.
    KeyPair keyPair = new KeyPair(publicKeyFromPrivateKey(signingKey), signingKey);
    IdaKeyStoreCredentialRetriever credentialRetriever =
            new IdaKeyStoreCredentialRetriever(new IdaKeyStore(keyPair, Collections.emptyList()));
    SignatureFactory factory =
            new SignatureFactory(credentialRetriever, new SignatureRSASHA256(), new DigestSHA256());
    return factory.createSignature();
}