本文整理汇总了Java中org.opensaml.xml.security.SecurityHelper.getSimpleCredential方法的典型用法代码示例。如果您正苦于以下问题:Java SecurityHelper.getSimpleCredential方法的具体用法?Java SecurityHelper.getSimpleCredential怎么用?Java SecurityHelper.getSimpleCredential使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.opensaml.xml.security.SecurityHelper的用法示例。
在下文中一共展示了SecurityHelper.getSimpleCredential方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: doEncryptedAssertion
import org.opensaml.xml.security.SecurityHelper; //导入方法依赖的package包/类
/**
 * Encrypts a SAML assertion with a freshly generated symmetric data key. The data key is
 * wrapped for the recipient credential and carried inline in the encrypted element.
 *
 * <p>NOTE(review): {@code alias} and {@code encryptionAlgorithm} are accepted but never read;
 * the data-encryption algorithm is fixed to {@code ALGO_ID_BLOCKCIPHER_AES256} whatever the
 * caller asks for. Confirm with callers whether the parameter was meant to be honoured.
 *
 * @param assertion the assertion to encrypt
 * @param cred recipient credential used to wrap the generated data key
 * @param alias not used by this implementation
 * @param encryptionAlgorithm not used by this implementation
 * @return the encrypted assertion
 * @throws IdentityException if key generation or encryption fails for any reason
 */
@Override
public EncryptedAssertion doEncryptedAssertion(Assertion assertion, X509Credential cred, String alias, String encryptionAlgorithm) throws IdentityException {
    try {
        // Data encryption: a one-off symmetric key, generated per call and never reused.
        final String dataAlgorithm = EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256;
        Credential dataKeyCredential =
                SecurityHelper.getSimpleCredential(SecurityHelper.generateSymmetricKey(dataAlgorithm));

        EncryptionParameters dataParams = new EncryptionParameters();
        dataParams.setAlgorithm(dataAlgorithm);
        dataParams.setEncryptionCredential(dataKeyCredential);

        // Key transport: the data key is wrapped with the recipient's public key.
        // NOTE(review): RSA PKCS#1 v1.5 key transport is the padding scheme targeted by
        // Bleichenbacher-style padding-oracle attacks against the decrypting party.
        // RSA-OAEP key transport is the usual replacement where the recipient supports it;
        // switching changes the wire format, so it must be agreed with the relying party.
        KeyEncryptionParameters keyTransportParams = new KeyEncryptionParameters();
        keyTransportParams.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15);
        keyTransportParams.setEncryptionCredential(cred);

        Encrypter assertionEncrypter = new Encrypter(dataParams, keyTransportParams);
        // INLINE places the wrapped key inside the EncryptedData's KeyInfo.
        assertionEncrypter.setKeyPlacement(Encrypter.KeyPlacement.INLINE);

        // Encryption here gives confidentiality only; presumably integrity comes from the
        // assertion/response signature applied elsewhere -- verify against the caller.
        return assertionEncrypter.encrypt(assertion);
    } catch (Exception e) {
        throw IdentityException.error("Error while Encrypting Assertion", e);
    }
}
示例2: getSigningCredential
import org.opensaml.xml.security.SecurityHelper; //导入方法依赖的package包/类
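/**
 * Gets the signing credential from the keystore.
 *
 * <p>A missing alias or key password is treated as a fatal usage error: it is logged and
 * the JVM exits with status 1. Failures while reading the entry are logged and reported to
 * the caller as {@code null}.
 *
 * @param keystore keystore to fetch the key from
 * @param alias the key alias
 * @param keyPass password for the key
 *
 * @return the signing credential, or null if the entry is missing, is not a private key
 *         entry, or cannot be recovered
 */
private static Credential getSigningCredential(KeyStore keystore, String alias, String keyPass) {
    alias = DatatypeHelper.safeTrimOrNullString(alias);
    if (alias == null) {
        log.error("Key alias may not be null or empty");
        System.exit(1);
    }

    // NOTE(review): the password is trimmed as well, so a key password that really starts or
    // ends with whitespace can never be supplied through this path -- confirm this is intended.
    keyPass = DatatypeHelper.safeTrimOrNullString(keyPass);
    if (keyPass == null) {
        log.error("Private key password may not be null or empty");
        System.exit(1);
    }

    char[] keyPassChars = keyPass.toCharArray();
    KeyStore.PasswordProtection keyPassParam = new KeyStore.PasswordProtection(keyPassChars);
    try {
        KeyStore.Entry entry = keystore.getEntry(alias, keyPassParam);

        // Check explicitly rather than relying on a NullPointerException or
        // ClassCastException being swallowed by the catch-all below, so the log states the
        // actual cause.
        if (entry == null) {
            log.error("No keystore entry found for alias " + alias);
            return null;
        }
        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
            log.error("Keystore entry " + alias + " is not a private key entry");
            return null;
        }

        KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry) entry;
        return SecurityHelper.getSimpleCredential(pkEntry.getCertificate().getPublicKey(), pkEntry.getPrivateKey());
    } catch (Exception e) {
        // The alias is logged; the password never is.
        log.error("Unable to retrieve private key " + alias, e);
    } finally {
        // Wipe the mutable password copies once the entry has been read. The caller's
        // String copy is immutable and stays in memory until it is garbage collected.
        java.util.Arrays.fill(keyPassChars, '\0');
        try {
            keyPassParam.destroy();
        } catch (javax.security.auth.DestroyFailedException ignored) {
            // Best effort only: failing to clear the copy must not mask the real outcome.
        }
    }

    return null;
}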
示例3: getVerificationCredential
import org.opensaml.xml.security.SecurityHelper; //导入方法依赖的package包/类
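/**
 * Gets a simple credential containing the public key associated with the named certificate.
 *
 * <p>Only the public key is extracted. This method does not check the certificate's
 * validity period or build a chain, so trust in the key rests entirely on the keystore
 * contents being controlled.
 *
 * <p>A missing alias, a missing certificate or a keystore failure is logged and the JVM
 * exits with status 1.
 *
 * @param keystore the keystore from which to get the key
 * @param alias the name of the certificate from which to get the key
 *
 * @return a simple credential containing the public key or null
 */
private static Credential getVerificationCredential(KeyStore keystore, String alias) {
    alias = DatatypeHelper.safeTrimOrNullString(alias);
    if (alias == null) {
        log.error("Key alias may not be null or empty");
        System.exit(1);
    }

    try {
        Certificate cert = keystore.getCertificate(alias);
        // getCertificate returns null for an unknown alias; report that directly rather than
        // through a NullPointerException caught by the catch-all below.
        if (cert == null) {
            log.error("No certificate found in keystore for alias " + alias);
            System.exit(1);
        }
        return SecurityHelper.getSimpleCredential(cert.getPublicKey(), null);
    } catch (Exception e) {
        log.error("Unable to retrieve certificate " + alias, e);
        System.exit(1);
    }

    // Only reached if System.exit returned; required for the method to compile.
    return null;
}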
示例4: testEntityDescriptor
import org.opensaml.xml.security.SecurityHelper; //导入方法依赖的package包/类
/**
 * Checks that a signed EntityDescriptor loaded from the {@code openIDFileValid} fixture
 * passes the signature validation filter when the signer's certificate is explicitly trusted.
 */
public void testEntityDescriptor() throws UnmarshallingException, CertificateException, XMLParserException {
    // Trust is pinned to a single certificate; no private key is needed to verify.
    X509Certificate signerCert = SecurityTestHelper.buildJavaX509Cert(openIDCertBase64);
    X509Credential trustedCredential = SecurityHelper.getSimpleCredential(signerCert, null);
    StaticCredentialResolver trustedKeys = new StaticCredentialResolver(trustedCredential);
    SignatureTrustEngine explicitKeyEngine = new ExplicitKeySignatureTrustEngine(
            trustedKeys,
            Configuration.getGlobalSecurityConfiguration().getDefaultKeyInfoCredentialResolver());

    Document metadataDoc =
            parser.parse(SignatureValidationFilterTest.class.getResourceAsStream(openIDFileValid));
    XMLObject unmarshalled = unmarshallerFactory
            .getUnmarshaller(metadataDoc.getDocumentElement())
            .unmarshall(metadataDoc.getDocumentElement());

    assertTrue(unmarshalled instanceof EntityDescriptor);
    EntityDescriptor descriptor = (EntityDescriptor) unmarshalled;
    assertTrue(descriptor.isSigned());
    assertNotNull("Signature was null", descriptor.getSignature());

    SignatureValidationFilter validationFilter = new SignatureValidationFilter(explicitKeyEngine);
    try {
        validationFilter.doFilter(descriptor);
    } catch (FilterException e) {
        fail("Filter failed validation, should have succeeded: " + e.getMessage());
    }
}
示例5: testEntityDescriptorInvalid
import org.opensaml.xml.security.SecurityHelper; //导入方法依赖的package包/类
/**
 * Checks that a signed EntityDescriptor loaded from the {@code openIDFileInvalid} fixture is
 * rejected by the signature validation filter, even though the signer's certificate is trusted.
 */
public void testEntityDescriptorInvalid() throws UnmarshallingException, CertificateException, XMLParserException {
    // Same pinned trust anchor as the positive test; only the document differs.
    X509Certificate signerCert = SecurityTestHelper.buildJavaX509Cert(openIDCertBase64);
    X509Credential trustedCredential = SecurityHelper.getSimpleCredential(signerCert, null);
    StaticCredentialResolver trustedKeys = new StaticCredentialResolver(trustedCredential);
    SignatureTrustEngine explicitKeyEngine = new ExplicitKeySignatureTrustEngine(
            trustedKeys,
            Configuration.getGlobalSecurityConfiguration().getDefaultKeyInfoCredentialResolver());

    Document metadataDoc =
            parser.parse(SignatureValidationFilterTest.class.getResourceAsStream(openIDFileInvalid));
    XMLObject unmarshalled = unmarshallerFactory
            .getUnmarshaller(metadataDoc.getDocumentElement())
            .unmarshall(metadataDoc.getDocumentElement());

    assertTrue(unmarshalled instanceof EntityDescriptor);
    EntityDescriptor descriptor = (EntityDescriptor) unmarshalled;
    assertTrue(descriptor.isSigned());
    assertNotNull("Signature was null", descriptor.getSignature());

    SignatureValidationFilter validationFilter = new SignatureValidationFilter(explicitKeyEngine);
    try {
        validationFilter.doFilter(unmarshalled);
        // Reaching this line means a bad signature was accepted.
        fail("Filter passed validation, should have failed");
    } catch (FilterException expected) {
        // do nothing, should fail
    }
}
示例6: setUp
import org.opensaml.xml.security.SecurityHelper; //导入方法依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>Builds two credentials from independently generated RSA key pairs (a full signing pair
 * and the public half of an unrelated pair) and looks up the SAML object builders used by
 * the tests.
 */
protected void setUp() throws Exception {
    super.setUp();

    // 1024-bit RSA keeps key generation fast in tests. It is below currently recommended
    // key sizes and must not be copied into production key generation.
    KeyPair signingPair = SecurityTestHelper.generateKeyPair("RSA", 1024, null);
    goodCredential = SecurityHelper.getSimpleCredential(signingPair.getPublic(), signingPair.getPrivate());

    // Public key only, taken from a second, unrelated key pair.
    KeyPair unrelatedPair = SecurityTestHelper.generateKeyPair("RSA", 1024, null);
    badCredential = SecurityHelper.getSimpleCredential(unrelatedPair.getPublic(), null);

    assertionBuilder = (AssertionBuilder) builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
    issuerBuilder = (IssuerBuilder) builderFactory.getBuilder(Issuer.DEFAULT_ELEMENT_NAME);
    authnStatementBuilder =
            (AuthnStatementBuilder) builderFactory.getBuilder(AuthnStatement.DEFAULT_ELEMENT_NAME);
    signatureBuilder = (SignatureBuilder) builderFactory.getBuilder(Signature.DEFAULT_ELEMENT_NAME);

    idGenerator = new SecureRandomIdentifierGenerator();
}
示例7: getSigningCredential
import org.opensaml.xml.security.SecurityHelper; //导入方法依赖的package包/类
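/**
 * Lazily loads the signing credential from the configured keystore and caches it on this
 * instance. Later calls return the cached credential without touching the keystore.
 *
 * <p>The keystore is read as a classpath resource. The private key and its certificate are
 * both looked up under the configured alias so that the public and private halves of the
 * credential always belong together. The keystore password is also used as the key password.
 *
 * <p>NOTE(review): the lazy initialisation is not synchronised; confirm callers are
 * single-threaded or tolerate the keystore being loaded more than once.
 *
 * @param _cfg configuration holding the keystore path, password, alias and optional type
 * @return the signing credential
 * @throws IOException if the keystore resource is not found or cannot be read
 * @throws KeyStoreException if the keystore type is unavailable, or the configured alias
 *         does not hold a private key with an X.509 certificate
 * @throws NoSuchAlgorithmException if the keystore integrity or key recovery algorithm is
 *         unavailable
 * @throws CertificateException if a certificate in the keystore cannot be loaded
 * @throws UnrecoverableKeyException if the key cannot be recovered with the configured password
 * @throws MissingPropertyException presumably raised by {@code checkPropertySet} when a
 *         required property is absent -- confirm against that helper
 */
private Credential getSigningCredential(Properties _cfg) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, MissingPropertyException {
    if (this._signingCredential == null) {
        // check configuration
        checkPropertySet(_cfg, CFG_KEYSTORE_PATH);
        checkPropertySet(_cfg, CFG_KEYSTORE_PASSWORD);
        checkPropertySet(_cfg, CFG_KEYSTORE_ALIAS);

        final String keystorePath = getCfg(_cfg, CFG_KEYSTORE_PATH);
        final String alias = getCfg(_cfg, CFG_KEYSTORE_ALIAS);
        final char[] password = getCfg(_cfg, CFG_KEYSTORE_PASSWORD).toCharArray();
        try {
            // load keystore
            KeyStore ks = KeyStore.getInstance(getCfg(_cfg, CFG_KEYSTORE_TYPE, "JKS"));
            java.io.InputStream keystoreStream = getClass().getResourceAsStream(keystorePath);
            // KeyStore.load(null, ...) silently creates an EMPTY keystore, so a wrong path
            // would otherwise surface later as an unrelated NullPointerException.
            if (keystoreStream == null) {
                throw new IOException("Keystore resource not found on classpath: " + keystorePath);
            }
            try {
                ks.load(keystoreStream, password);
            } finally {
                keystoreStream.close();
            }

            // load key data
            java.security.Key key = ks.getKey(alias, password);
            if (!(key instanceof PrivateKey)) {
                throw new KeyStoreException("No private key found under keystore alias " + alias);
            }
            // Use the same alias as the private key. A fixed alias here could pair the
            // private key with an unrelated certificate's public key.
            java.security.cert.Certificate cert = ks.getCertificate(alias);
            if (!(cert instanceof X509Certificate)) {
                throw new KeyStoreException("No X.509 certificate found under keystore alias " + alias);
            }
            X509Certificate pubKey = (X509Certificate) cert;
            // Only the certificate subject is traced, never key or password material.
            OAuthTracer.trace(OAuthTracer.TEXT_TYPE, "Signing key", pubKey.getSubjectDN().getName());

            // create credential object
            this._signingCredential = SecurityHelper.getSimpleCredential(pubKey.getPublicKey(), (PrivateKey) key);
        } finally {
            // Wipe the mutable password copy; the String held in the configuration remains.
            java.util.Arrays.fill(password, '\0');
        }
    }
    return this._signingCredential;
}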
示例8: setUp
import org.opensaml.xml.security.SecurityHelper; //导入方法依赖的package包/类
/**
 * {@inheritDoc}
 *
 * <p>Parses the valid and invalid {@code switchMD*} metadata fixtures and builds an
 * explicit-key signature trust engine pinned to the certificate in {@code switchMDCertBase64}.
 */
protected void setUp() throws Exception {
    super.setUp();

    switchMDDocumentValid =
            parser.parse(SignatureValidationFilterTest.class.getResourceAsStream(switchMDFileValid));
    switchMDDocumentInvalid =
            parser.parse(SignatureValidationFilterTest.class.getResourceAsStream(switchMDFileInvalid));

    // Verification needs only the certificate; no private key is attached.
    X509Certificate pinnedCert = SecurityTestHelper.buildJavaX509Cert(switchMDCertBase64);
    X509Credential pinnedCredential = SecurityHelper.getSimpleCredential(pinnedCert, null);
    StaticCredentialResolver pinnedKeys = new StaticCredentialResolver(pinnedCredential);

    switchSigTrustEngine = new ExplicitKeySignatureTrustEngine(
            pinnedKeys,
            Configuration.getGlobalSecurityConfiguration().getDefaultKeyInfoCredentialResolver());
}
示例9: afterPropertiesSet
import org.opensaml.xml.security.SecurityHelper; //导入方法依赖的package包/类
/**
 * Checks that the required collaborators were injected, registers this SP processor with
 * every IdP connector, then builds the SP signing credential and the decrypter and
 * registers the processor with {@code SamlHelper}.
 *
 * @throws Exception if initialisation fails
 */
@Override
public void afterPropertiesSet() throws Exception {
    Assert.notNull(this.saml20Storage, "The SAML 2.0 Storage wasn't injected !");
    Assert.notNull(this.getSpConfig(), "No SP configuration provided for this SP processor !");
    Assert.notNull(this.queryProcessorFactory, "No QueryProcessorFactory injected !");

    // Retrieve the IdP connectors and register this SP processor in each of them.
    Assert.notEmpty(this.idpConnectors, "No IdP connector injected in the SP processor !");
    for (final ISaml20IdpConnector connector : this.idpConnectors) {
        try {
            connector.registerSaml20SpProcessor(this);
            final IIdpConfig connectorConfig = connector.getIdpConfig();
            if (connectorConfig == null) {
                this.logger.warn(
                        "No IdP config found while registering an IdPConnector in SPProcessor with id: [{}] !",
                        this.getSpConfig().getId());
            } else {
                // Index the connector by the entity ID its configuration declares.
                this.idpConnectorsByEntityId.put(connectorConfig.getIdpEntityId(), connector);
            }
        } catch (final IllegalAccessError ignored) {
            // Catch exception thrown by fake IdPs like CAS Fake IdP.
            // NOTE(review): the error is dropped without a log line, and a connector that
            // throws before the put() above is not indexed by entity ID.
        }
    }

    // NOTE(review): getSigningCredential() is dereferenced before the notNull assertion
    // below, so a missing signing credential in the SP config would surface as a
    // NullPointerException rather than as the assertion message.
    this.spSigningCredential = SecurityHelper.getSimpleCredential(
            this.getSpConfig().getSigningCredential().getEntityCertificate(),
            this.getSpConfig().getSigningKey());
    Assert.notNull(this.spSigningCredential,
            "Unable to build SP signing credentials (signing public + private keys) !");

    this.decrypter = this.buildDecrypter();

    // Register this processor in the Helper
    SamlHelper.registerSpProcessor(this);

    // Missing handlers are reported but do not stop initialisation.
    if (this.authenticationHandler == null) {
        this.logger.warn("No Authentication Handler configured !");
    }
    if (this.singleLogoutHandler == null) {
        this.logger.warn("No Single Logout Handler configured !");
    }
}