Examples of CriteriaSet

Examples of org.opensaml.xml.security.CriteriaSet

748
749
750
751
752
753
754
755
756
757
758
     * @param encryptedData the encrypted data to decrypt
     * @return the decrypted document fragment, or null if decryption key could not be resolved or decryption failed
     */
    private DocumentFragment decryptUsingResolvedKey(EncryptedData encryptedData) {
        if (resolver != null) {
            CriteriaSet criteriaSet = buildCredentialCriteria(encryptedData, resolverCriteria);
            try {
                for (Credential cred : resolver.resolve(criteriaSet)) {
                    try {
                        return decryptDataToDOM(encryptedData, SecurityHelper.extractDecryptionKey(cred));
                    } catch (DecryptionException e) {
View Full Code Here

Examples of org.opensaml.xml.security.CriteriaSet

831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
     * @param staticCriteria static set of credential criteria to add to the new criteria set
     * @return the new credential criteria set
     */
    private CriteriaSet buildCredentialCriteria(EncryptedType encryptedType, CriteriaSet staticCriteria) {

        CriteriaSet newCriteriaSet = new CriteriaSet();

        // This is the main criteria based on the encrypted type's KeyInfo
        newCriteriaSet.add(new KeyInfoCriteria(encryptedType.getKeyInfo()));

        // Also attemtpt to dynamically construct key criteria based on information
        // in the encrypted object
        Set<Criteria> keyCriteria = buildKeyCriteria(encryptedType);
        if (keyCriteria != null && !keyCriteria.isEmpty()) {
            newCriteriaSet.addAll(keyCriteria);
        }

        // Add any static criteria which may have been supplied to the decrypter
        if (staticCriteria != null && !staticCriteria.isEmpty()) {
            newCriteriaSet.addAll(staticCriteria);
        }

        // If don't have a usage criteria yet from static criteria, add encryption usage
        if (!newCriteriaSet.contains(UsageCriteria.class)) {
            newCriteriaSet.add(new UsageCriteria(UsageType.ENCRYPTION));
        }

        return newCriteriaSet;
    }
View Full Code Here

Examples of org.opensaml.xml.security.CriteriaSet

141
142
143
144
145
146
147
148
149
150
151
     *          local credential resolver
     */
    protected Collection<? extends Credential> resolveByKeyName(String keyName) throws SecurityException {
        ArrayList<Credential> localCreds = new ArrayList<Credential>();
       
        CriteriaSet criteriaSet = new CriteriaSet( new KeyNameCriteria(keyName) );
        for (Credential cred : getLocalCredentialResolver().resolve(criteriaSet)) {
            if (isLocalCredential(cred)) {
                localCreds.add(cred);
            }
        }
View Full Code Here

Examples of org.opensaml.xml.security.CriteriaSet

163
164
165
166
167
168
169
170
171
172
173
     *          local credential resolver
     */
    protected Collection<? extends Credential> resolveByPublicKey(PublicKey publicKey) throws SecurityException {
        ArrayList<Credential> localCreds = new ArrayList<Credential>();
       
        CriteriaSet criteriaSet = new CriteriaSet( new PublicKeyCriteria(publicKey) );
        for (Credential cred : getLocalCredentialResolver().resolve(criteriaSet)) {
            if (isLocalCredential(cred)) {
                localCreds.add(cred);
            }
        }
View Full Code Here

Examples of org.opensaml.xml.security.CriteriaSet

57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
            throw new SecurityPolicyException("Supplied message context was not an instance of SAMLMessageContext");
        }
       
        SAMLMessageContext samlContext = (SAMLMessageContext) messageContext;
       
        CriteriaSet criteriaSet = new CriteriaSet();
        if (! DatatypeHelper.isEmpty(entityID)) {
            criteriaSet.add(new EntityIDCriteria(entityID) );
        }
       
        MetadataCriteria mdCriteria =
            new MetadataCriteria(samlContext.getPeerEntityRole(), samlContext.getInboundSAMLProtocol());
        criteriaSet.add(mdCriteria);
       
        criteriaSet.add( new UsageCriteria(UsageType.SIGNING) );
       
        return criteriaSet;
    }
View Full Code Here

Examples of org.opensaml.xml.security.CriteriaSet

57
58
59
60
61
62
63
64
65
66
67
68
            throw new SecurityPolicyException("Supplied message context was not an instance of SAMLMessageContext");
        }
       
        SAMLMessageContext samlContext = (SAMLMessageContext) messageContext;

        CriteriaSet criteriaSet = super.buildCriteriaSet(entityID, messageContext);
        MetadataCriteria mdCriteria =
            new MetadataCriteria(samlContext.getPeerEntityRole(), samlContext.getInboundSAMLProtocol());
        criteriaSet.add(mdCriteria);

        return criteriaSet;
    }
View Full Code Here

Examples of org.opensaml.xml.security.CriteriaSet

123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
        String contextIssuer = samlMsgCtx.getInboundMessageIssuer();

        if (contextIssuer != null) {
            log.debug("Attempting to validate SAML protocol message simple signature using context issuer: {}",
                    contextIssuer);
            CriteriaSet criteriaSet = buildCriteriaSet(contextIssuer, samlMsgCtx);
            if (validateSignature(signature, signedContent, algorithmURI, criteriaSet, candidateCredentials)) {
                log.info("Validation of request simple signature succeeded");
                if (!samlMsgCtx.isInboundSAMLMessageAuthenticated()) {
                    log.info("Authentication via request simple signature succeeded for context issuer entity ID {}",
                            contextIssuer);
                    samlMsgCtx.setInboundSAMLMessageAuthenticated(true);
                }
                return;
            } else {
                log.warn("Validation of request simple signature failed for context issuer: {}", contextIssuer);
                throw new SecurityPolicyException("Validation of request simple signature failed for context issuer");
            }
        }
           
        String derivedIssuer = deriveSignerEntityID(samlMsgCtx);
        if (derivedIssuer != null) {
            log.debug("Attempting to validate SAML protocol message simple signature using derived issuer: {}",
                    derivedIssuer);
            CriteriaSet criteriaSet = buildCriteriaSet(derivedIssuer, samlMsgCtx);
            if (validateSignature(signature, signedContent, algorithmURI, criteriaSet, candidateCredentials)) {
                log.info("Validation of request simple signature succeeded");
                if (!samlMsgCtx.isInboundSAMLMessageAuthenticated()) {
                    log.info("Authentication via request simple signature succeeded for derived issuer {}",
                            derivedIssuer);
View Full Code Here

Examples of org.opensaml.xml.security.CriteriaSet

290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
     * @throws SecurityPolicyException thrown if criteria set can not be constructed
     */
    protected CriteriaSet buildCriteriaSet(String entityID, SAMLMessageContext samlContext)
            throws SecurityPolicyException {

        CriteriaSet criteriaSet = new CriteriaSet();
        if (!DatatypeHelper.isEmpty(entityID)) {
            criteriaSet.add(new EntityIDCriteria(entityID));
        }

        MetadataCriteria mdCriteria = new MetadataCriteria(samlContext.getPeerEntityRole(), samlContext
                .getInboundSAMLProtocol());
        criteriaSet.add(mdCriteria);

        criteriaSet.add(new UsageCriteria(UsageType.SIGNING));

        return criteriaSet;
    }
View Full Code Here

Examples of org.opensaml.xml.security.CriteriaSet

602
603
604
605
606
607
608
609
610
611
612
        if (DatatypeHelper.isEmpty(algorithm)) {
            log.error("Algorithm of encrypted key not supplied, key decryption cannot proceed.");
            throw new DecryptionException("Algorithm of encrypted key not supplied, key decryption cannot proceed.");
        }

        CriteriaSet criteriaSet = buildCredentialCriteria(encryptedKey, kekResolverCriteria);
        try {
            for (Credential cred : kekResolver.resolve(criteriaSet)) {
                try {
                    return decryptKey(encryptedKey, algorithm, SecurityHelper.extractDecryptionKey(cred));
                } catch (DecryptionException e) {
View Full Code Here

Examples of org.opensaml.xml.security.CriteriaSet

726
727
728
729
730
731
732
733
734
735
736
     * @param encryptedData the encrypted data to decrypt
     * @return the decrypted document fragment, or null if decryption key could not be resolved or decryption failed
     */
    private DocumentFragment decryptUsingResolvedKey(EncryptedData encryptedData) {
        if (resolver != null) {
            CriteriaSet criteriaSet = buildCredentialCriteria(encryptedData, resolverCriteria);
            try {
                for (Credential cred : resolver.resolve(criteriaSet)) {
                    try {
                        return decryptDataToDOM(encryptedData, SecurityHelper.extractDecryptionKey(cred));
                    } catch (DecryptionException e) {
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.