Java Code Examples for org.opensaml.xml.signature.Signature#setSigningCredential()

The following examples show how to use org.opensaml.xml.signature.Signature#setSigningCredential() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SAML2TokenBuilder.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
@Override
public void setSignature(String signatureAlgorithm, X509Credential cred) throws IdentityProviderException {
    Signature signature = (Signature) buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
    signature.setSigningCredential(cred);
    signature.setSignatureAlgorithm(signatureAlgorithm);
    signature.setCanonicalizationAlgorithm(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);

    try {
        KeyInfo keyInfo = (KeyInfo) buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
        X509Data data = (X509Data) buildXMLObject(X509Data.DEFAULT_ELEMENT_NAME);
        X509Certificate cert = (X509Certificate) buildXMLObject(X509Certificate.DEFAULT_ELEMENT_NAME);
        String value = Base64.encode(cred.getEntityCertificate().getEncoded());
        cert.setValue(value);
        data.getX509Certificates().add(cert);
        keyInfo.getX509Datas().add(data);
        signature.setKeyInfo(keyInfo);
    } catch (CertificateEncodingException e) {
        log.error("Failed to get encoded certificate", e);
        throw new IdentityProviderException("Error while getting encoded certificate");
    }

    assertion.setSignature(signature);
    signatureList.add(signature);
}
 
Example 2
Source File: SAML1TokenBuilder.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
@Override
public void setSignature(String signatureAlgorithm, X509Credential cred) throws IdentityProviderException {
    Signature signature = (Signature) buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
    signature.setSigningCredential(cred);
    signature.setSignatureAlgorithm(signatureAlgorithm);
    signature.setCanonicalizationAlgorithm(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);

    try {
        KeyInfo keyInfo = (KeyInfo) buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
        X509Data data = (X509Data) buildXMLObject(X509Data.DEFAULT_ELEMENT_NAME);
        X509Certificate cert = (X509Certificate) buildXMLObject(X509Certificate.DEFAULT_ELEMENT_NAME);
        String value = Base64.encode(cred.getEntityCertificate().getEncoded());
        cert.setValue(value);
        data.getX509Certificates().add(cert);
        keyInfo.getX509Datas().add(data);
        signature.setKeyInfo(keyInfo);
    } catch (CertificateEncodingException e) {
        log.error("Error while getting the encoded certificate", e);
        throw new IdentityProviderException("Error while getting the encoded certificate");
    }

    assertion.setSignature(signature);
    signatureList.add(signature);
}
 
Example 3
Source File: SSOAgentUtils.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
private static Signature setSignatureRaw(String signatureAlgorithm, X509Credential cred) throws SSOAgentException {
    Signature signature = (Signature) buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
    signature.setSigningCredential(cred);
    signature.setSignatureAlgorithm(signatureAlgorithm);
    signature.setCanonicalizationAlgorithm(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);

    try {
        KeyInfo keyInfo = (KeyInfo) buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
        X509Data data = (X509Data) buildXMLObject(X509Data.DEFAULT_ELEMENT_NAME);
        org.opensaml.xml.signature.X509Certificate cert =
                (org.opensaml.xml.signature.X509Certificate) buildXMLObject(org.opensaml.xml.signature.X509Certificate.DEFAULT_ELEMENT_NAME);
        String value =
                org.apache.xml.security.utils.Base64.encode(cred.getEntityCertificate().getEncoded());
        cert.setValue(value);
        data.getX509Certificates().add(cert);
        keyInfo.getX509Datas().add(data);
        signature.setKeyInfo(keyInfo);
        return signature;

    } catch (CertificateEncodingException e) {
        throw new SSOAgentException("Error getting certificate", e);
    }
}
 
Example 4
Source File: SamlHelper.java    From secure-data-service with Apache License 2.0 6 votes vote down vote up
public Signature getDigitalSignature(KeyStore.PrivateKeyEntry keystoreEntry) {
    Signature signature = (Signature) Configuration.getBuilderFactory().getBuilder(Signature.DEFAULT_ELEMENT_NAME)
            .buildObject(Signature.DEFAULT_ELEMENT_NAME);

    Credential signingCredential = initializeCredentialsFromKeystore(keystoreEntry);
    signature.setSigningCredential(signingCredential);

    signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);

    SecurityConfiguration secConfig = Configuration.getGlobalSecurityConfiguration();
    try {
        SecurityHelper.prepareSignatureParams(signature, signingCredential, secConfig, null);
    } catch (org.opensaml.xml.security.SecurityException  ex) {
        LOG.error("Error composing artifact resolution request: Failed to generate digital signature");
        throw new IllegalArgumentException("Couldn't compose artifact resolution request", ex);
    }

    return signature;
}
 
Example 5
Source File: SamlAssertionProducer.java    From saml-generator with Apache License 2.0 5 votes vote down vote up
private Signature createSignature() throws Throwable {
	if (publicKeyLocation != null && privateKeyLocation != null) {
		SignatureBuilder builder = new SignatureBuilder();
		Signature signature = builder.buildObject();
		signature.setSigningCredential(certManager.getSigningCredential(publicKeyLocation, privateKeyLocation));
		signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
		signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
		
		return signature;
	}
	
	return null;
}