if (kd.getUse() == UsageType.SIGNING) { try { idpMetadata.setSigningCertificate(KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0)); } catch (CertificateException ignored) { s_logger.info("[ignored] encountered invalid certificate signing.", ignored); idpMetadata.setEncryptionCertificate(KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0)); } catch (CertificateException ignored) { s_logger.info("[ignored] encountered invalid certificate encryption.", ignored); unspecifiedKey = KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0); } catch (CertificateException ignored) { s_logger.info("[ignored] encountered invalid certificate.", ignored);
/**
 * Ensures that the supplied key descriptor carries a {@code KeyInfo} element.
 *
 * <p>Only presence is verified here: this method does not inspect the contents of the
 * {@code KeyInfo}, so a descriptor whose {@code KeyInfo} holds no usable key material
 * still passes.
 *
 * @param keyDescriptor the key descriptor to validate
 * @throws ValidationException if the descriptor has no {@code KeyInfo}
 */
protected void validateKeyInfo(KeyDescriptor keyDescriptor) throws ValidationException {
    final boolean keyInfoPresent = keyDescriptor.getKeyInfo() != null;
    if (keyInfoPresent) {
        return;
    }
    throw new ValidationException("KeyInfo required");
}
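/**
 * Streams the {@code X509Data} entries of a key descriptor that contain at least one
 * certificate element.
 *
 * <p>A descriptor without a {@code KeyInfo} yields an empty stream instead of a
 * {@link NullPointerException}. An empty result means "no certificate material was
 * supplied"; callers that use the result to establish trust should treat it as a
 * failure rather than as nothing to verify.
 *
 * @param descriptor the key descriptor to read; must not be {@code null}
 * @return the {@code X509Data} entries holding one or more certificates, possibly empty
 */
private static Stream<X509Data> getDatasWithCertificates(KeyDescriptor descriptor) {
    // KeyInfo may be absent on a descriptor built from metadata that was not
    // schema-validated; dereferencing it blindly would abort the whole parse.
    if (descriptor.getKeyInfo() == null) {
        return Stream.empty();
    }
    return descriptor
            .getKeyInfo()
            .getX509Datas()
            .stream()
            .filter(data -> !data.getX509Certificates().isEmpty());
}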
/**
 * Copies the signing certificate from the SP's metadata onto the service provider record.
 *
 * <p>Reads the key descriptors of {@code spssoDescriptor} and looks only at the first one.
 * When its use renders as the string {@code "SIGNING"}, the first certificate returned by
 * {@code KeyInfoHelper.getCertificates} is stored on {@code samlssoServiceProviderDO} and the
 * certificate alias is set to the entity ID. In every other case the record is left unchanged.
 *
 * <p>Any exception raised inside the try block is logged and not rethrown, so the caller
 * cannot tell from this method whether a certificate was actually set.
 *
 * <p>NOTE(review): only {@code descriptors.get(0)} is examined; a signing key listed after
 * another descriptor is not picked up. Confirm whether that is intended.
 *
 * <p>NOTE(review): {@code descriptor.getUse()} is dereferenced outside the try block; if it
 * can be {@code null} for a descriptor without a use attribute, the resulting exception
 * is not caught here. Verify against the metadata library in use.
 *
 * @param entityDescriptor the entity descriptor whose entity ID becomes the certificate alias
 * @param spssoDescriptor the SP SSO descriptor supplying the key descriptors
 * @param samlssoServiceProviderDO the service provider record to update
 */
private void setX509Certificate(EntityDescriptor entityDescriptor,SPSSODescriptor spssoDescriptor, SAMLSSOServiceProviderDO samlssoServiceProviderDO){ List<KeyDescriptor> descriptors = spssoDescriptor.getKeyDescriptors(); if (descriptors != null && descriptors.size() > 0) { KeyDescriptor descriptor = descriptors.get(0); if (descriptor != null) { if (descriptor.getUse().toString().equals("SIGNING")) { try { samlssoServiceProviderDO.setX509Certificate(org.opensaml.xml.security.keyinfo.KeyInfoHelper.getCertificates(descriptor.getKeyInfo()).get(0)); samlssoServiceProviderDO.setCertAlias(entityDescriptor.getEntityID()); } catch (java.security.cert.CertificateException ex) { log.error("Error While setting Certificate and alias", ex); }catch(java.lang.Exception ex){ log.error("Error While setting Certificate and alias", ex); } } } } } private void setSigningAlgorithmUri(SPSSODescriptor spssoDescriptor, SAMLSSOServiceProviderDO samlssoServiceProviderDO){
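/**
 * Copies the signing certificate from the SP's metadata onto the service provider record.
 *
 * <p>Only the first key descriptor of {@code spssoDescriptor} is considered. When its use
 * renders as {@code "SIGNING"} and it carries at least one X509 certificate, that first
 * certificate is stored on {@code samlssoServiceProviderDO} and the certificate alias is
 * set to the entity ID. Otherwise the record is left unchanged.
 *
 * <p>Failures are logged and never rethrown, so callers that depend on the certificate
 * (for example to verify request signatures) must check the record afterwards rather
 * than assume it was populated.
 *
 * <p>NOTE(review): a signing key listed after another descriptor is not picked up because
 * only index 0 is read; confirm whether all descriptors should be scanned.
 *
 * @param entityDescriptor the entity descriptor whose entity ID becomes the certificate alias
 * @param spssoDescriptor the SP SSO descriptor supplying the key descriptors
 * @param samlssoServiceProviderDO the service provider record to update
 */
private void setX509Certificate(EntityDescriptor entityDescriptor, SPSSODescriptor spssoDescriptor,
        SAMLSSOServiceProviderDO samlssoServiceProviderDO) {
    List<KeyDescriptor> descriptors = spssoDescriptor.getKeyDescriptors();
    if (descriptors == null || descriptors.isEmpty()) {
        return;
    }
    KeyDescriptor descriptor = descriptors.get(0);
    if (descriptor == null) {
        return;
    }
    // String.valueOf keeps a descriptor with no use value from throwing outside the try block.
    if (!"SIGNING".equals(String.valueOf(descriptor.getUse()))) {
        return;
    }
    try {
        List<java.security.cert.X509Certificate> certificates =
                org.opensaml.xml.security.keyinfo.KeyInfoHelper.getCertificates(descriptor.getKeyInfo());
        // Report a missing certificate explicitly instead of relying on get(0) to throw
        // and be swallowed by the generic handler below.
        if (certificates == null || certificates.isEmpty()) {
            log.error("Signing KeyDescriptor carries no X509 certificate; certificate and alias not set");
            return;
        }
        samlssoServiceProviderDO.setX509Certificate(certificates.get(0));
        samlssoServiceProviderDO.setCertAlias(entityDescriptor.getEntityID());
    } catch (java.lang.Exception ex) {
        // Covers CertificateException from certificate decoding as well as any other
        // failure; the method stays best-effort and logs rather than propagating.
        log.error("Error While setting Certificate and alias", ex);
    }
}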
if (keyDescriptor.getKeyInfo() != null) { trustedNames.addAll(getTrustedNames(keyDescriptor.getKeyInfo()));
if (keyDescriptor.getKeyInfo() != null) { CriteriaSet critSet = new CriteriaSet(); critSet.add(new KeyInfoCriteria(keyDescriptor.getKeyInfo()));
try { String cert = null; if (descriptor.getKeyInfo() != null) { if (descriptor.getKeyInfo().getX509Datas() != null && descriptor.getKeyInfo().getX509Datas().size() > 0) { for (int k = 0; k < descriptor.getKeyInfo().getX509Datas().size(); k++) { if (descriptor.getKeyInfo().getX509Datas().get(k) != null) { if (descriptor.getKeyInfo().getX509Datas().get(k).getX509Certificates() != null && descriptor.getKeyInfo().getX509Datas().get(0).getX509Certificates().size() > 0) { for (int y = 0; y < descriptor.getKeyInfo().getX509Datas().get(k).getX509Certificates().size(); y++) { if (descriptor.getKeyInfo().getX509Datas().get(k).getX509Certificates().get(y) != null) { if (descriptor.getKeyInfo().getX509Datas().get(k).getX509Certificates().get(y). getValue() != null && descriptor.getKeyInfo().getX509Datas().get(k).getX509Certificates(). get(y).getValue().length() > 0) { cert = descriptor.getKeyInfo().getX509Datas().get(k).getX509Certificates().get(y). getValue().toString();
KeyInfo ki = kdesc.getKeyInfo(); if (ki == null) { continue;
continue; KeyInfo ki = kdesc.getKeyInfo(); if (ki == null) continue;