javax.xml.crypto.KeySelectorResult Java Examples

The following examples show how to use javax.xml.crypto.KeySelectorResult. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: X509KeySelector.java    From secure-data-service with Apache License 2.0 6 votes vote down vote up 
/**
 * Searches the specified keystore for a certificate that matches the
 * specified X509Certificate and contains a public key that is compatible
 * with the specified SignatureMethod.
 *
 * @return a KeySelectorResult containing the cert's public key if there
 *         is a match; otherwise null
 */
private KeySelectorResult certSelect(X509Certificate xcert,
                                     SignatureMethod sm) throws KeyStoreException {
    // skip non-signer certs
    boolean[] keyUsage = xcert.getKeyUsage();
    if (!keyUsage[0]) {
        return null;
    }
    String alias = ks.getCertificateAlias(xcert);
    if (alias != null) {
        PublicKey pk = ks.getCertificate(alias).getPublicKey();
        // make sure algorithm is compatible with method
        if (algEquals(sm.getAlgorithm(), pk.getAlgorithm())) {
            return new SimpleKeySelectorResult(pk);
        }
    }
    return null;
}
Example #2
Source File: XMLSignatureUtil.java    From keycloak with Apache License 2.0 6 votes vote down vote up 
@Override
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod method, XMLCryptoContext context) throws KeySelectorException {
    try {
        KeyName keyNameEl = KeyInfoTools.getKeyName(keyInfo);
        this.keyName = keyNameEl == null ? null : keyNameEl.getName();
        final Key key = locator.getKey(keyName);
        this.keyLocated = key != null;
        return new KeySelectorResult() {
            @Override public Key getKey() {
                return key;
            }
        };
    } catch (KeyManagementException ex) {
        throw new KeySelectorException(ex);
    }

}
Example #3
Source File: SignatureVerifier.java    From IDES-Data-Preparation-Java with Creative Commons Zero v1.0 Universal 6 votes vote down vote up 
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, 
		AlgorithmMethod method, XMLCryptoContext context) throws KeySelectorException {
	if (keyInfo == null)
		throw new KeySelectorException("Null KeyInfo");
	List<?> list = keyInfo.getContent();
	PublicKey pk = null;

	for (int i = 0; i < list.size(); i++) {
		XMLStructure xmlStructure = (XMLStructure) list.get(i);
		if (xmlStructure instanceof KeyValue) {
			try {
				pk = ((KeyValue)xmlStructure).getPublicKey();
			} catch(KeyException ke) {
				throw new KeySelectorException(ke.getMessage());
			}
			break;
		} else if (xmlStructure instanceof X509Data) {
			X509Data x509data = (X509Data)xmlStructure;
			List<?> x509datalist = x509data.getContent();
			for (int j = 0; j < x509datalist.size(); j++) {
				if (x509datalist.get(j) instanceof X509Certificate) {
					X509Certificate cert = (X509Certificate)x509datalist.get(j);
					pk = cert.getPublicKey();
					break;
				}
			}
		}
	}
	if (pk != null) {
		final PublicKey retpk = pk;
		logger.debug("PublicKey from XML=" + pk);
		return new KeySelectorResult() {public Key getKey(){return retpk;}};
	}
	throw new KeySelectorException("Missing KeyValue");
}
Example #4
Source File: X509KeySelector.java    From development with Apache License 2.0 5 votes vote down vote up 
@Override
public KeySelectorResult select(KeyInfo keyInfo,
        KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod,
        XMLCryptoContext context) throws KeySelectorException {

    if (keyInfo == null) {
        throw new KeySelectorException("Null KeyInfo object!");
    }

    @SuppressWarnings("unchecked")
    List<XMLStructure> list = keyInfo.getContent();
    for (XMLStructure xmlStructure : list) {
        if (xmlStructure instanceof X509Data) {
            X509Data x509Data = (X509Data) xmlStructure;
            @SuppressWarnings("rawtypes")
            List content = x509Data.getContent();
            for (int i = 0; i < content.size(); i++) {
                Object x509Content = content.get(i);
                if (x509Content instanceof X509Certificate) {
                    X509Certificate certificate = (X509Certificate) x509Content;
                    try {
                        return getPublicKeyFromKeystore(certificate,
                                (SignatureMethod) algorithmMethod);
                    } catch (KeyStoreException e) {
                        throw new KeySelectorException(e);
                    }
                }
            }
        }
    }

    throw new KeySelectorException("No X509Data element found.");
}
Example #5
Source File: X509KeySelector.java    From development with Apache License 2.0 5 votes vote down vote up 
KeySelectorResult getPublicKeyFromKeystore(X509Certificate certificate,
        SignatureMethod signatureMethod) throws KeyStoreException,
        KeySelectorException {

    isSigningCertificate(certificate);
    return searchInKeystore(certificate, signatureMethod);
}
Example #6
Source File: X509KeySelector.java    From development with Apache License 2.0 5 votes vote down vote up 
KeySelectorResult searchInKeystore(X509Certificate certificate,
        SignatureMethod signatureMethod) throws KeyStoreException,
        KeySelectorException {
    String alias = keystore.getCertificateAlias(certificate);
    if (alias != null) {
        PublicKey pk = keystore.getCertificate(alias).getPublicKey();
        if (algorithmCompatibleWithMethod(signatureMethod.getAlgorithm(),
                pk.getAlgorithm())) {
            return new SimpleKeySelectorResult(pk);
        }
    }
    throw new KeySelectorException(
            "X509 content is not a signing certificate");
}
Example #7
Source File: KeyValueKeySelector.java    From development with Apache License 2.0 5 votes vote down vote up 
@Override
public KeySelectorResult select(KeyInfo keyInfo,
        KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod,
        XMLCryptoContext context) throws KeySelectorException {

    if (keyInfo == null) {
        throw new KeySelectorException("Null KeyInfo object!");
    }

    @SuppressWarnings("unchecked")
    List<XMLStructure> list = keyInfo.getContent();
    for (XMLStructure xmlStructure : list) {
        if (xmlStructure instanceof KeyValue) {
            PublicKey publicKey = null;
            try {
                publicKey = ((KeyValue) xmlStructure).getPublicKey();
            } catch (KeyException ke) {
                throw new KeySelectorException(ke);
            }
            if (algorithmCompatibleWithMethod(
                    algorithmMethod.getAlgorithm(),
                    publicKey.getAlgorithm())) {
                return new SimpleKeySelectorResult(publicKey);
            }
        }
    }

    throw new KeySelectorException("No RSA/DSA KeyValue element found");
}
Example #8
Source File: X509KeySelector.java    From SAMLRaider with MIT License 5 votes vote down vote up 
public KeySelectorResult select(KeyInfo keyInfo,
                                  KeySelector.Purpose purpose,
                                  AlgorithmMethod method,
                                  XMLCryptoContext context)
      throws KeySelectorException {
      @SuppressWarnings("rawtypes")
Iterator ki = keyInfo.getContent().iterator();
      while (ki.hasNext()) {
          XMLStructure info = (XMLStructure) ki.next();
          if (!(info instanceof X509Data))
              continue;
          X509Data x509Data = (X509Data) info;
          @SuppressWarnings("rawtypes")
	Iterator xi = x509Data.getContent().iterator();
          while (xi.hasNext()) {
              Object o = xi.next();
              if (!(o instanceof X509Certificate))
                  continue;
              final PublicKey key = ((X509Certificate)o).getPublicKey();
              // Make sure the algorithm is compatible
              // with the method.
              if (algEquals(method.getAlgorithm(), key.getAlgorithm())) {
                  return new KeySelectorResult() {
                      public Key getKey() { return key; }
                  };
              }
          }
      }
      throw new KeySelectorException("No key found!");
  }
Example #9
Source File: X509KeySelector.java    From neoscada with Eclipse Public License 1.0 5 votes vote down vote up 
@Override
public KeySelectorResult select ( final KeyInfo keyInfo, final KeySelector.Purpose purpose, final AlgorithmMethod method, final XMLCryptoContext context ) throws KeySelectorException
{
    if ( keyInfo == null )
    {
        throw new KeySelectorException ( "Null KeyInfo object!" );
    }

    final SignatureMethod sm = (SignatureMethod)method;
    final List<?> list = keyInfo.getContent ();

    for ( final Object l : list )
    {
        final XMLStructure xmlStructure = (XMLStructure)l;
        if ( xmlStructure instanceof X509Data )
        {
            for ( final Object o : ( (X509Data)xmlStructure ).getContent () )
            {
                KeySelectorResult result = null;
                if ( o instanceof X509Certificate )
                {
                    result = findPublicKey ( (X509Certificate)o, sm );
                }

                if ( result != null )
                {
                    return result;
                }
            }
        }
    }
    throw new KeySelectorException ( "No KeyValue element found!" );
}
Example #10
Source File: KeyValueKeySelector.java    From neoscada with Eclipse Public License 1.0 5 votes vote down vote up 
@Override
public KeySelectorResult select ( final KeyInfo keyInfo, final KeySelector.Purpose purpose, final AlgorithmMethod method, final XMLCryptoContext context ) throws KeySelectorException
{
    if ( keyInfo == null )
    {
        throw new KeySelectorException ( "Null KeyInfo object!" );
    }

    final SignatureMethod sm = (SignatureMethod)method;
    final List<?> list = keyInfo.getContent ();

    for ( int i = 0; i < list.size (); i++ )
    {
        final XMLStructure xmlStructure = (XMLStructure)list.get ( i );
        if ( xmlStructure instanceof KeyValue )
        {
            try
            {
                final PublicKey pk = ( (KeyValue)xmlStructure ).getPublicKey ();
                // make sure algorithm is compatible with method
                if ( algEquals ( sm.getAlgorithm (), pk.getAlgorithm () ) )
                {
                    return new SimpleKeySelectorResult ( pk );
                }
            }
            catch ( final KeyException ke )
            {
                throw new KeySelectorException ( ke );
            }

        }
    }
    throw new KeySelectorException ( "No KeyValue element found!" );
}
Example #11
Source File: X509KeySelector.java    From io with Apache License 2.0 5 votes vote down vote up 
@SuppressWarnings("rawtypes")
@Override
public final KeySelectorResult select(
        final KeyInfo keyInfoToUse,
        final KeySelector.Purpose purpose,
        final AlgorithmMethod method,
        final XMLCryptoContext context) throws KeySelectorException {
    Iterator ki = keyInfoToUse.getContent().iterator();
    while (ki.hasNext()) {
        XMLStructure info = (XMLStructure) ki.next();
        if (!(info instanceof X509Data)) {
            continue;
        }
        X509Data x509Data = (X509Data) info;
        Iterator xi = x509Data.getContent().iterator();
        while (xi.hasNext()) {
            Object o = xi.next();
            if (!(o instanceof X509Certificate)) {
                continue;
            }
            X509Certificate x509Certificate = (X509Certificate) o;
            final PublicKey key = x509Certificate.getPublicKey();
            // Make sure the algorithm is compatible
            // with the method.
            if (algEquals(method.getAlgorithm(), key.getAlgorithm())) {
                // x509証明書検証
                cheakX509validate(x509Certificate);
                return new KeySelectorResult() {
                    @Override
                    public Key getKey() {
                        return key;
                    }
                };
            }
        }
    }
    throw new KeySelectorException("No key found!");
}
Example #12
Source File: XMLSignatureUtil.java    From keycloak with Apache License 2.0 5 votes vote down vote up 
@Override
public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod method, XMLCryptoContext context) {
    return new KeySelectorResult() {
        @Override public Key getKey() {
            return key;
        }
    };
}
Example #13
Source File: X509KeySelector.java    From secure-data-service with Apache License 2.0 5 votes vote down vote up 
/**
 * Searches the specified keystore for a certificate that matches the
 * criteria specified in the CertSelector.
 *
 * @return a KeySelectorResult containing the cert's public key if there
 *         is a match; otherwise null
 */
private KeySelectorResult keyStoreSelect(CertSelector cs)
        throws KeyStoreException {
    Enumeration aliases = ks.aliases();
    while (aliases.hasMoreElements()) {
        String alias = (String) aliases.nextElement();
        Certificate cert = ks.getCertificate(alias);
        if (cert != null && cs.match(cert)) {
            return new SimpleKeySelectorResult(cert.getPublicKey());
        }
    }
    return null;
}
Example #14
Source File: RequestValidator.java    From neoscada with Eclipse Public License 1.0 4 votes vote down vote up 
public KeySelectorResult getKeySelectorResult ()
{
    return this.keySelectorResult;
}
Example #15
Source File: XMLSignature.java    From jdk8u-dev-jdk with GNU General Public License v2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #16
Source File: XMLSignature.java    From jdk8u-jdk with GNU General Public License v2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #17
Source File: XMLSignature.java    From openjdk-8 with GNU General Public License v2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #18
Source File: XMLSignature.java    From jdk8u_jdk with GNU General Public License v2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #19
Source File: XMLSignature.java    From jdk1.8-source-analysis with Apache License 2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #20
Source File: XMLSignature.java    From openjdk-8-source with GNU General Public License v2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #21
Source File: XMLSignature.java    From hottub with GNU General Public License v2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #22
Source File: XMLSignature.java    From Java8CN with Apache License 2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #23
Source File: XMLSignature.java    From jdk8u-jdk with GNU General Public License v2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #24
Source File: XMLSignature.java    From openjdk-jdk9 with GNU General Public License v2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #25
Source File: XMLSignature.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #26
Source File: XMLSignature.java    From openjdk-jdk8u with GNU General Public License v2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #27
Source File: XMLSignature.java    From JDKSourceCode1.8 with MIT License 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #28
Source File: XMLSignature.java    From jdk8u60 with GNU General Public License v2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #29
Source File: XMLSignature.java    From TencentKona-8 with GNU General Public License v2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();
Example #30
Source File: XMLSignature.java    From dragonwell8_jdk with GNU General Public License v2.0 2 votes vote down vote up 
/**
 * Returns the result of the {@link KeySelector}, if specified, after
 * this <code>XMLSignature</code> has been signed or validated.
 *
 * @return the key selector result, or <code>null</code> if a key
 *    selector has not been specified or this <code>XMLSignature</code>
 *    has not been signed or validated
 */
KeySelectorResult getKeySelectorResult();