Update AssertionGenerator.java

2020-04-25 15:07:02 +08:00
parent 179dfed51e
commit 66fd8d2b6f
1 changed files with 66 additions and 3 deletions
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/AssertionGenerator.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/AssertionGenerator.java
@@ -103,7 +103,7 @@ public class AssertionGenerator {
 	        
 	        Signature signature = new SignatureBuilder().buildObject();
 	        signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
-	        signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+	        
 	        
 	        signature.setSigningCredential(basicCredential);
 	        KeyInfoGeneratorFactory keyInfoGeneratorFactory = Configuration
@@ -113,8 +113,71 @@ public class AssertionGenerator {
 	        
 	        signature.setKeyInfo(keyInfoGeneratorFactory.newInstance().generate(bindingAdapter.getSigningCredential()));
 	        BasicSecurityConfiguration config = (BasicSecurityConfiguration) Configuration.getGlobalSecurityConfiguration();
-	        config.registerSignatureAlgorithmURI("RSA", SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
-	        config.setSignatureReferenceDigestMethod(SignatureConstants.ALGO_ID_DIGEST_SHA256);
+	        
+	        if(saml20Details.getSignature().equalsIgnoreCase("RSAwithSHA1"))  {  
+    	        signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
+    	        config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
+	        }else if(saml20Details.getSignature().equalsIgnoreCase("RSAwithSHA256"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("RSAwithSHA384"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA384);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA384);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("RSAwithSHA512"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA512);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA512);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("RSAwithMD5"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("RSAwithRIPEMD160"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_RIPEMD160);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_SIGNATURE_RSA_RIPEMD160);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("DSAwithSHA1"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA1);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA1);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("ECDSAwithSHA256"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA256);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA256);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("ECDSAwithSHA384"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA384);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA384);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("ECDSAwithSHA512"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA512);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA512);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("HMAC-MD5"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("HMAC-SHA1"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_MAC_HMAC_SHA1);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("HMAC-SHA256"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_MAC_HMAC_SHA256);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_MAC_HMAC_SHA256);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("HMAC-SHA384"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_MAC_HMAC_SHA384);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_MAC_HMAC_SHA384);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("HMAC-SHA512"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_MAC_HMAC_SHA512);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_MAC_HMAC_SHA512);
+            }else if(saml20Details.getSignature().equalsIgnoreCase("HMAC-RIPEMD160"))  {  
+                signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_MAC_HMAC_RIPEMD160);
+                config.registerSignatureAlgorithmURI(saml20Details.getSignature(), SignatureConstants.ALGO_ID_MAC_HMAC_RIPEMD160);
+            }
+	        
+            if(saml20Details.getDigestMethod().equalsIgnoreCase("MD5"))  {  
+                config.setSignatureReferenceDigestMethod(SignatureConstants.ALGO_ID_DIGEST_NOT_RECOMMENDED_MD5);
+            }else if(saml20Details.getDigestMethod().equalsIgnoreCase("SHA1"))  {  
+                config.setSignatureReferenceDigestMethod(SignatureConstants.ALGO_ID_DIGEST_SHA1);
+            }else if(saml20Details.getDigestMethod().equalsIgnoreCase("SHA256"))  {  
+                config.setSignatureReferenceDigestMethod(SignatureConstants.ALGO_ID_DIGEST_SHA256);
+            }else if(saml20Details.getDigestMethod().equalsIgnoreCase("SHA384"))  {  
+                config.setSignatureReferenceDigestMethod(SignatureConstants.ALGO_ID_DIGEST_SHA384);
+            }else if(saml20Details.getDigestMethod().equalsIgnoreCase("SHA512"))  {  
+                config.setSignatureReferenceDigestMethod(SignatureConstants.ALGO_ID_DIGEST_SHA512);
+            }else if(saml20Details.getDigestMethod().equalsIgnoreCase("RIPEMD-160"))  {  
+                config.setSignatureReferenceDigestMethod(SignatureConstants.ALGO_ID_DIGEST_RIPEMD160);
+            }
+            
 			assertion.setSignature(signature);

 			Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(assertion);