/**
 * {@inheritDoc}
 *
 * <p>Resolves the certificate through the KeyInfo returned by
 * {@code resolveReferentKeyInfo}. A {@code null} result means "nothing resolved":
 * it is returned when this resolver does not accept the element, when no referent
 * KeyInfo is found, and when resolution fails with an {@link XMLSecurityException}.
 *
 * @param element the element to resolve a certificate from
 * @param baseURI base URI passed through to the resolution helpers
 * @param storage storage resolver passed through to the resolution helpers
 * @return the referent's X.509 certificate, or {@code null} if none was resolved
 * @throws KeyResolverException declared by the resolver contract
 */
public X509Certificate engineLookupResolveX509Certificate(
    Element element, String baseURI, StorageResolver storage
) throws KeyResolverException {
    LOG.debug("Can I resolve {}", element.getTagName());

    if (engineCanResolve(element, baseURI, storage)) {
        try {
            KeyInfo target = resolveReferentKeyInfo(element, baseURI, storage);
            return target == null ? null : target.getX509Certificate();
        } catch (XMLSecurityException e) {
            // A failed resolution is reported only at debug level and surfaces to the
            // caller as null, so the caller cannot tell "no key" from "resolution error".
            LOG.debug("XMLSecurityException", e);
        }
    }
    return null;
}
/**
 * Collects the X.509 certificates carried by the valid signatures that are direct
 * children of {@code element}.
 *
 * <p>Each certificate is read from the signature's own KeyInfo after
 * {@code is_valid_signature} has accepted that signature. Nothing in this method
 * checks the certificate against a trust store, validity period or revocation
 * status, so a returned certificate identifies the key that produced a verifying
 * signature and nothing more.
 * NOTE(review): callers presumably need to validate the returned certificates
 * against their own trust anchors before relying on the signer identity; confirm.
 *
 * @param element the element whose child signatures are inspected
 * @param options signature options handed to {@code fomToDom} and
 *     {@code is_valid_signature}
 * @return the certificates of the signatures that validated; empty if none did
 * @throws XMLSignatureException declared; may come from the DOM conversion
 * @throws XMLSecurityException declared; may come from the DOM conversion
 */
private <T extends Element> X509Certificate[] _getcerts(T element, SignatureOptions options)
    throws XMLSignatureException, XMLSecurityException {
    List<X509Certificate> collected = new ArrayList<X509Certificate>();
    org.w3c.dom.Element root = fomToDom((Element)element, options);
    NodeList kids = root.getChildNodes();
    for (int i = 0; i < kids.getLength(); i++) {
        try {
            Node child = kids.item(i);
            if (child.getNodeType() != Node.ELEMENT_NODE) {
                continue;
            }
            org.w3c.dom.Element candidate = (org.w3c.dom.Element)child;
            boolean isSignature = Constants.DSIG_NS.equals(candidate.getNamespaceURI())
                && Constants.LN_SIGNATURE.equals(candidate.getLocalName());
            if (!isSignature) {
                continue;
            }
            IRI base = element.getResolvedBaseUri();
            String baseText = (base != null) ? base.toString() : "";
            XMLSignature sig = new XMLSignature(candidate, baseText);
            if (!is_valid_signature(sig, options)) {
                continue;
            }
            KeyInfo ki = sig.getKeyInfo();
            if (ki == null) {
                continue;
            }
            X509Certificate cert = ki.getX509Certificate();
            if (cert != null) {
                collected.add(cert);
            }
        } catch (Exception ignored) {
            // Any failure while parsing or verifying one signature is dropped silently:
            // that signature simply contributes no certificate and the loop goes on.
            // NOTE(review): this also hides verification errors and runtime exceptions
            // from operators; consider logging here once a logger is available.
        }
    }
    return collected.toArray(new X509Certificate[collected.size()]);
}
X509Certificate cert = ki.getX509Certificate();
X509Certificate cert = ki.getX509Certificate();
KeyInfo keyInfo = signature.getKeyInfo(); if (fingerprint != null && keyInfo != null && keyInfo.containsX509Data()) { X509Certificate providedCert = keyInfo.getX509Certificate(); String calculatedFingerprint = calculateX509Fingerprint(providedCert, alg); for (String fingerprintStr : fingerprint.split(",")) {
X509Certificate certificate = signature.getKeyInfo().getX509Certificate();
X509Certificate certificate = signature.getKeyInfo().getX509Certificate();
/**
 * Prepares a KRSS request: installs the key-binding authentication key and copies
 * the key material found in the binding's KeyInfo onto the binding itself.
 *
 * @param request the request whose authentication receives {@code authkey}
 * @param abstractType the key binding to populate from its own KeyInfo
 * @throws XKMSException with {@code XKMSException.FAILURE} and the "noKey" message
 *     when the KeyInfo content cannot be resolved
 */
private void prepare(KRSSRequest request, KeyBindingAbstractType abstractType) throws XKMSException {
    request.getAuthentication().setKeyBindingAuthenticationKey(authkey);

    KeyInfo bindingKeyInfo = abstractType.getKeyInfo();
    if (bindingKeyInfo == null) {
        // Nothing to copy; only the authentication key is set.
        return;
    }

    try {
        KeyName firstKeyName = bindingKeyInfo.itemKeyName(0);
        if (firstKeyName != null) {
            abstractType.setKeyName(firstKeyName.getKeyName());
        }

        PublicKey declaredKey = bindingKeyInfo.getPublicKey();
        if (declaredKey != null) {
            abstractType.setKeyValue(declaredKey);
        }

        X509Certificate declaredCert = bindingKeyInfo.getX509Certificate();
        if (declaredCert != null) {
            abstractType.setCertValue(declaredCert);
            // When a certificate is present its public key replaces any key value
            // set from the KeyInfo just above; the two are not compared.
            abstractType.setKeyValue(declaredCert.getPublicKey());
        }
    } catch (KeyResolverException e) {
        LOG.error("", e);
        throw new XKMSException(XKMSException.FAILURE, "noKey", e);
    } catch (XMLSecurityException e) {
        LOG.error("", e);
        throw new XKMSException(XKMSException.FAILURE, "noKey", e);
    }
}
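/**
 * Fetches the SSO metadata document over HTTPS and checks that it is an
 * {@code EntityDescriptor} carrying an XML signature that verifies.
 *
 * <p>The verification certificate is read from the signature's own KeyInfo, so this
 * test shows that the document is consistently signed by the key it advertises. It
 * does not show that the signer is the expected one.
 * NOTE(review): if the expected signing certificate is available to the test,
 * comparing {@code signingCert} against it would also pin the signer identity.
 *
 * @throws Exception on any request, parsing or signature-processing failure
 */
@org.junit.Test
public void testGetMetadata() throws Exception {
    URL busFile = MetadataTest.class.getResource("client.xml");

    String address = "https://localhost:" + PORT + "/sso/metadata";
    WebClient client = WebClient.create(address, busFile.toString());
    client.accept("text/xml");

    Response response = client.get();
    // JUnit takes (expected, actual); the original order gave a misleading failure message.
    assertEquals(200, response.getStatus());
    Document doc = response.readEntity(Document.class);
    assertEquals("EntityDescriptor", doc.getDocumentElement().getLocalName());

    // Now validate the signature
    Element signature =
        (Element)doc.getElementsByTagNameNS(Constants.SignatureSpecNS, "Signature").item(0);
    assertNotNull(signature);
    XMLSignature signatureElem = new XMLSignature(signature, "");

    // Register "ID" as an ID-typed attribute on the root element before the
    // signature is checked.
    doc.getDocumentElement().setIdAttributeNS(null, "ID", true);

    X509Certificate signingCert = signatureElem.getKeyInfo().getX509Certificate();
    assertNotNull(signingCert);
    assertTrue(signatureElem.checkSignatureValue(signingCert));
}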
/**
 * Checks the signature value of {@code sig} and reports whether it verifies.
 *
 * <p>Key selection, in order:
 * <ol>
 *   <li>If the signature carries a KeyInfo, its certificate is used, else its public
 *       key. {@code options} is not consulted in this case, even when it holds a key
 *       or certificate.</li>
 *   <li>If the signature carries no KeyInfo and {@code options} is non-null, the
 *       options' public key is used, else the options' certificate.</li>
 * </ol>
 *
 * <p>With an embedded KeyInfo the verification key is supplied by the signed document
 * itself, so {@code true} establishes that the content matches that key, not that
 * the key belongs to a trusted signer. No chain, validity or revocation check
 * happens in this method.
 * NOTE(review): callers that configure a key or certificate in {@code options} may
 * expect it to take precedence over the embedded KeyInfo; confirm the intended
 * behaviour, and confirm that trust in the embedded certificate is checked elsewhere.
 *
 * @param sig the signature to verify
 * @param options fallback key material, used only when {@code sig} has no KeyInfo;
 *     may be {@code null}
 * @return {@code true} if the signature value verifies under the selected key;
 *     {@code false} if it does not or if no key could be selected
 * @throws XMLSignatureException if signature checking fails
 * @throws XMLSecurityException if key material cannot be extracted
 */
private boolean is_valid_signature(XMLSignature sig, SignatureOptions options)
    throws XMLSignatureException, XMLSecurityException {
    KeyInfo embedded = sig.getKeyInfo();

    if (embedded == null) {
        // No key material inside the signature: fall back to the caller's options.
        if (options == null) {
            return false;
        }
        PublicKey configuredKey = options.getPublicKey();
        X509Certificate configuredCert = options.getCertificate();
        if (configuredKey != null) {
            return sig.checkSignatureValue(configuredKey);
        }
        return configuredCert != null && sig.checkSignatureValue(configuredCert);
    }

    // Key material travels with the signature: certificate first, then bare key.
    X509Certificate embeddedCert = embedded.getX509Certificate();
    if (embeddedCert != null) {
        return sig.checkSignatureValue(embeddedCert);
    }
    PublicKey embeddedKey = embedded.getPublicKey();
    return embeddedKey != null && sig.checkSignatureValue(embeddedKey);
}
cert = keyInfo.getX509Certificate(); } catch (KeyResolverException e) { throw new XKMSException(XKMSException.FAILURE, "keystore",
cert = keyInfo.getX509Certificate(); if (cert != null) { valid = signature.checkSignatureValue(cert); if (valid && persistSignature) { if (signature.getKeyInfo() != null) { message.put(SIGNING_CERT, signature.getKeyInfo().getX509Certificate());
cert = keyInfo.getX509Certificate(); if (cert != null) { valid = signature.checkSignatureValue(cert); if (valid && persistSignature) { if (signature.getKeyInfo() != null) { message.put(SIGNING_CERT, signature.getKeyInfo().getX509Certificate());