[picketlink-commits] Picketlink SVN: r879 - federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util.

picketlink-commits at lists.jboss.org picketlink-commits at lists.jboss.org
Wed Apr 13 01:00:49 EDT 2011


Author: anil.saldhana at jboss.com
Date: 2011-04-13 01:00:48 -0400 (Wed, 13 Apr 2011)
New Revision: 879

Modified:
   federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
Log:
PLFED-175: assertion sig

Modified: federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java
===================================================================
--- federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java	2011-04-13 03:03:02 UTC (rev 878)
+++ federation/trunk/picketlink-fed-core/src/main/java/org/picketlink/identity/federation/core/saml/v2/util/AssertionUtil.java	2011-04-13 05:00:48 UTC (rev 879)
@@ -21,6 +21,7 @@
  */
 package org.picketlink.identity.federation.core.saml.v2.util;
 
+import java.security.PublicKey;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;
@@ -31,6 +32,7 @@
 import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
 import org.picketlink.identity.federation.core.saml.v2.constants.JBossSAMLConstants;
 import org.picketlink.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
+import org.picketlink.identity.federation.core.util.XMLSignatureUtil;
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType;
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AttributeStatementType.ASTChoiceType;
@@ -38,6 +40,8 @@
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.ConditionsType;
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.NameIDType;
 import org.picketlink.identity.federation.newmodel.saml.v2.assertion.StatementAbstractType;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 
 /**
@@ -148,6 +152,29 @@
    }
 
    /**
+    * Given an assertion element, validate the signature
+    * @param assertionElement
+    * @param publicKey the {@link PublicKey}
+    * @return
+    */
+   public static boolean isSignatureValid(Element assertionElement, PublicKey publicKey)
+   {
+      try
+      {
+         Document doc = DocumentUtil.createDocument();
+         Node n = doc.importNode(assertionElement, true);
+         doc.appendChild(n);
+
+         return XMLSignatureUtil.validate(doc, publicKey);
+      }
+      catch (Exception e)
+      {
+         log.error("Cannot validate signature of assertion", e);
+      }
+      return false;
+   }
+
+   /**
     * Check whether the assertion has expired
     * @param assertion
     * @return
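Review bot: In `isSignatureValid` the verdict is whatever `XMLSignatureUtil.validate(doc, publicKey)` returns, and nothing in the hunk confirms that the signature it finds belongs to the imported assertion: there is no test that a `Signature` child is present or that its Reference resolves to the assertion's own `ID`. That helper is not part of this diff, so whether it rejects an unsigned document or a signature that covers only a nested element should be confirmed before callers treat `true` as proof that this assertion was signed. `importNode` may also not carry over the ID-ness of the `ID` attribute, so a same-document reference might not resolve in the fresh document; if the helper does not register it, adding `((Element) n).setIdAttribute("ID", true);` after the import would address that. The empty `@return` should state the fail-closed contract, for example `@return true only if the signature verifies against publicKey; false if it does not or if validation could not be performed`.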


