Class BaseSignatureTrustEngine<TrustBasisType>

java.lang.Object
org.opensaml.xmlsec.signature.support.impl.BaseSignatureTrustEngine<TrustBasisType>
Type Parameters:
TrustBasisType - the type of trusted information which has been resolved and which will serve as the basis for trust evaluation
All Implemented Interfaces:
TrustEngine<Signature>, SignatureTrustEngine
Direct Known Subclasses:
ExplicitKeySignatureTrustEngine, PKIXSignatureTrustEngine

public abstract class BaseSignatureTrustEngine<TrustBasisType> extends Object implements SignatureTrustEngine
A base implementation of SignatureTrustEngine which evaluates the validity and trustworthiness of XML and raw signatures.

When processing XML signatures, the supplied KeyInfoCredentialResolver will be used to resolve credential(s) containing the (advisory) signing key from the KeyInfo element of the Signature, if present. If any of these credentials do contain the valid signing key, they will be evaluated for trustworthiness against trusted information, which will be resolved in an implementation-specific manner.

Subclasses are required to implement evaluateTrust(Credential, Object) using an implementation-specific trust model.
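
The order described above (verify with the advisory KeyInfo-derived key first, then evaluate that key against trusted information), sketched as an added example using only JDK classes. It is not OpenSAML code: the class name AdvisoryKeyTrustDemo, the explicit-key trust set, and the sample keys and content are assumptions constructed for illustration, and a raw SHA256withRSA signature stands in for an XML Signature.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Set;

// Simplified model of the verify-then-trust order; hypothetical names, JDK classes only.
public class AdvisoryKeyTrustDemo {
    // Step 1: does the advisory (untrusted) key verify the signature at all?
    static boolean verifySignature(byte[] sig, byte[] content, PublicKey advisoryKey)
            throws GeneralSecurityException {
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(advisoryKey);
        verifier.update(content);
        try {
            return verifier.verify(sig);
        } catch (SignatureException e) {
            return false; // malformed signature bytes are treated as "not verified"
        }
    }

    // Step 2: explicit-key trust model (an assumption here): the key must be in the trusted set.
    static boolean evaluateTrust(PublicKey untrustedKey, Set<PublicKey> trustBasis) {
        return trustBasis.contains(untrustedKey);
    }

    // Both steps must pass; a self-consistent signature alone says nothing about the signer.
    static boolean validate(byte[] sig, byte[] content, PublicKey advisoryKey,
            Set<PublicKey> trustBasis) throws GeneralSecurityException {
        return verifySignature(sig, content, advisoryKey) && evaluateTrust(advisoryKey, trustBasis);
    }

    static byte[] sign(byte[] content, PrivateKey key) throws GeneralSecurityException {
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(key);
        signer.update(content);
        return signer.sign();
    }
    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair trusted = gen.generateKeyPair(); // constructed: key the relying party configured
        KeyPair other = gen.generateKeyPair();   // constructed: key the relying party never configured
        Set<PublicKey> trustBasis = Set.of(trusted.getPublic());
        byte[] msg = "constructed sample content".getBytes(StandardCharsets.UTF_8);
        // Case 1: the advisory key is the configured key.
        System.out.println("configured key: " + validate(sign(msg, trusted.getPrivate()), msg, trusted.getPublic(), trustBasis));
        // Case 2: the signature verifies under its own advisory key, which is not in the trust basis.
        System.out.println("unknown key:    " + validate(sign(msg, other.getPrivate()), msg, other.getPublic(), trustBasis));
    }
}
```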

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    private final KeyInfoCredentialResolver
    keyInfoCredentialResolver
    KeyInfo credential resolver used to obtain the signing credential from a Signature's KeyInfo.
    private final org.slf4j.Logger
    log
    Class logger.
  • Constructor Summary

    Constructors
    Constructor
    Description
    BaseSignatureTrustEngine(KeyInfoCredentialResolver keyInfoResolver)
    Constructor.
  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    checkParams(Signature signature, CriteriaSet trustBasisCriteria)
    Check the signature and credential criteria for required values.
    protected void
    checkParamsRaw(byte[] signature, byte[] content, String algorithmURI, CriteriaSet trustBasisCriteria)
    Check the signature and credential criteria for required values.
    protected abstract boolean
    doValidate(byte[] signature, byte[] content, String algorithmURI, CriteriaSet trustBasisCriteria, Credential candidateCredential)
    Determines whether a raw signature over specified content is valid and signed by a trusted credential.
    protected abstract boolean
    doValidate(Signature signature, CriteriaSet trustBasisCriteria)
    Validate the signature using the supplied trust criteria.
    protected abstract boolean
    evaluateTrust(Credential untrustedCredential, TrustBasisType trustBasis)
    Evaluate the untrusted KeyInfo-derived credential with respect to the specified trusted information.
    KeyInfoCredentialResolver
    getKeyInfoResolver()
    Get the KeyInfoCredentialResolver instance used to resolve (advisory) signing credential information from KeyInfo elements contained within a Signature element.
    final boolean
    validate(byte[] signature, byte[] content, String algorithmURI, CriteriaSet trustBasisCriteria, Credential candidateCredential)
    Determines whether a raw signature over specified content is valid and signed by a trusted credential.
    final boolean
    validate(Signature signature, CriteriaSet trustBasisCriteria)
    Validates the token against trusted information obtained in an implementation-specific manner.
    protected boolean
    validate(Signature signature, TrustBasisType trustBasis)
    Attempt to establish trust by resolving signature verification credentials from the Signature's KeyInfo.
    protected boolean
    verifySignature(Signature signature, Credential credential)
    Attempt to verify a signature using the key from the supplied credential.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

    • log

      private final org.slf4j.Logger log
      Class logger.
    • keyInfoCredentialResolver

      private final KeyInfoCredentialResolver keyInfoCredentialResolver
      KeyInfo credential resolver used to obtain the signing credential from a Signature's KeyInfo.
  • Constructor Details

    • BaseSignatureTrustEngine

      public BaseSignatureTrustEngine(@Nonnull KeyInfoCredentialResolver keyInfoResolver)
      Constructor.
      Parameters:
      keyInfoResolver - KeyInfo credential resolver used to obtain the (advisory) signing credential from a Signature's KeyInfo element.
  • Method Details

    • getKeyInfoResolver

      @Nullable public KeyInfoCredentialResolver getKeyInfoResolver()
      Get the KeyInfoCredentialResolver instance used to resolve (advisory) signing credential information from KeyInfo elements contained within a Signature element. Note that credential(s) obtained via this resolver are not themselves trusted. They must be evaluated against the trusted credential information obtained from the trusted credential resolver.
      Specified by:
      getKeyInfoResolver in interface SignatureTrustEngine
      Returns:
      a KeyInfoCredentialResolver instance
    • validate

      public final boolean validate(@Nonnull Signature signature, @Nullable CriteriaSet trustBasisCriteria) throws SecurityException
      Validates the token against trusted information obtained in an implementation-specific manner.
      Specified by:
      validate in interface TrustEngine<TrustBasisType>
      Parameters:
      signature - security token to validate
      trustBasisCriteria - criteria used to describe and/or resolve the information which serves as the basis for trust evaluation
      Returns:
      true iff the token is trusted and valid
      Throws:
      SecurityException - thrown if there is a problem validating the security token
    • doValidate

      protected abstract boolean doValidate(@Nonnull Signature signature, @Nullable CriteriaSet trustBasisCriteria) throws SecurityException
      Validate the signature using the supplied trust criteria.
      Parameters:
      signature - the signature to validate
      trustBasisCriteria - criteria used to describe and/or resolve the information which serves as the basis for trust evaluation
      Returns:
      true if signature is valid and trusted, false otherwise
      Throws:
      SecurityException - if there is a fatal error evaluating the signature
    • validate

      public final boolean validate(@Nonnull byte[] signature, @Nonnull byte[] content, @Nonnull String algorithmURI, @Nullable CriteriaSet trustBasisCriteria, @Nullable Credential candidateCredential) throws SecurityException
      Determines whether a raw signature over specified content is valid and signed by a trusted credential.

      A candidate verification credential may optionally be supplied. If one is supplied and is determined to successfully verify the signature, an attempt will be made to establish trust on this basis.

      If a candidate credential is not supplied, or it does not successfully verify the signature, some implementations may be able to resolve candidate verification credential(s) in an implementation-specific manner based on the trusted criteria supplied, and then attempt to verify the signature and establish trust on this basis.

      Specified by:
      validate in interface SignatureTrustEngine
      Parameters:
      signature - the signature value
      content - the content that was signed
      algorithmURI - the signature algorithm URI which was used to sign the content
      trustBasisCriteria - criteria used to describe and/or resolve the information which serves as the basis for trust evaluation
      candidateCredential - the untrusted candidate credential containing the validation key for the signature (optional)
      Returns:
      true if the signature was valid for the provided content and was signed by a key contained within a credential established as trusted based on the supplied criteria, otherwise false
      Throws:
      SecurityException - thrown if there is a problem attempting to verify the signature such as the signature algorithm not being supported
    • doValidate

      protected abstract boolean doValidate(@Nonnull byte[] signature, @Nonnull byte[] content, @Nonnull String algorithmURI, @Nullable CriteriaSet trustBasisCriteria, @Nullable Credential candidateCredential) throws SecurityException
      Determines whether a raw signature over specified content is valid and signed by a trusted credential.

      A candidate verification credential may optionally be supplied. If one is supplied and is determined to successfully verify the signature, an attempt will be made to establish trust on this basis.

      If a candidate credential is not supplied, or it does not successfully verify the signature, some implementations may be able to resolve candidate verification credential(s) in an implementation-specific manner based on the trusted criteria supplied, and then attempt to verify the signature and establish trust on this basis.

      Parameters:
      signature - the signature value
      content - the content that was signed
      algorithmURI - the signature algorithm URI which was used to sign the content
      trustBasisCriteria - criteria used to describe and/or resolve the information which serves as the basis for trust evaluation
      candidateCredential - the untrusted candidate credential containing the validation key for the signature (optional)
      Returns:
      true if the signature was valid for the provided content and was signed by a key contained within a credential established as trusted based on the supplied criteria, otherwise false
      Throws:
      SecurityException - thrown if there is a problem attempting to verify the signature such as the signature algorithm not being supported
    • validate

      protected boolean validate(@Nonnull Signature signature, @Nullable TrustBasisType trustBasis) throws SecurityException
      Attempt to establish trust by resolving signature verification credentials from the Signature's KeyInfo. If any credentials so resolved correctly verify the signature, attempt to establish trust using subclass-specific trust logic against trusted information as implemented in evaluateTrust(Credential, Object).
      Parameters:
      signature - the Signature to evaluate
      trustBasis - the information which serves as the basis for trust evaluation
      Returns:
      true if the signature is verified by any KeyInfo-derived credential which can be established as trusted, otherwise false
      Throws:
      SecurityException - if an error occurs during signature verification or trust processing
    • evaluateTrust

      protected abstract boolean evaluateTrust(@Nonnull Credential untrustedCredential, @Nullable TrustBasisType trustBasis) throws SecurityException
      Evaluate the untrusted KeyInfo-derived credential with respect to the specified trusted information.
      Parameters:
      untrustedCredential - the untrusted credential being evaluated
      trustBasis - the information which serves as the basis for trust evaluation
      Returns:
      true if the trust can be established for the untrusted credential, otherwise false
      Throws:
      SecurityException - if an error occurs during trust processing
    • verifySignature

      protected boolean verifySignature(@Nonnull Signature signature, @Nonnull Credential credential)
      Attempt to verify a signature using the key from the supplied credential.
      Parameters:
      signature - the signature on which to attempt verification
      credential - the credential containing the candidate validation key
      Returns:
      true if the signature can be verified using the key from the credential, otherwise false
    • checkParams

      protected void checkParams(@Nonnull Signature signature, @Nonnull CriteriaSet trustBasisCriteria) throws SecurityException
      Check the signature and credential criteria for required values.
      Parameters:
      signature - the signature to be evaluated
      trustBasisCriteria - the set of trusted credential criteria
      Throws:
      SecurityException - thrown if required values are absent or otherwise invalid
    • checkParamsRaw

      protected void checkParamsRaw(@Nonnull byte[] signature, @Nonnull byte[] content, @Nonnull String algorithmURI, @Nonnull CriteriaSet trustBasisCriteria) throws SecurityException
      Check the signature and credential criteria for required values.
      Parameters:
      signature - the signature to be evaluated
      content - the data over which the signature was computed
      algorithmURI - the signing algorithm URI which was used
      trustBasisCriteria - the set of trusted credential criteria
      Throws:
      SecurityException - thrown if required values are absent or otherwise invalid