/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: FSSignatureUtil.java,v 1.3 2008/07/17 16:56:39 exu Exp $
*
*/
/**
* Util methods to sign and verify signature on query string.
*/
public class FSSignatureUtil {
/**
* Signs a string using enveloped signatures.
* @param queryString the string to be signed
* @param certAlias signer's certificate alias
* @return string with encoded signature or <code>null</code> if it
* couldn't be signed.
*/
{
"FSSignatureUtil.signAndReturnQueryString: Called");
+ "signAndReturnQueryString: "
return null;
} else {
"FSSignatureUtil.signAndReturnQueryString: queryString: " +
}
}
"FSSignatureUtil.signAndReturnQueryString: "
return null;
} else {
"FSSignatureUtil.signAndReturnQueryString: certAlias: " +
}
}
{
"FSSignatureUtil.signAndReturnQueryString: "
+ "private key algorithm is: RSA");
}
{
"FSSignatureUtil.signAndReturnQueryString: "
+ "private key algorithm is: DSA");
}
} else {
"FSSignatureUtil.signAndReturnQueryString: "
+ "private key algorithm is not supported");
return null;
}
}
"FSSignatureUtil.signAndReturnQueryString: "
+ "Querystring to be signed: " + queryString);
}
try {
} catch(FSSignatureException se){
+ "signAndReturnQueryString: FSSignatureException occured "
+ "while signing query string: " , se);
return null;
}
+ "signAndReturnQueryString: Signature generated is null");
return null;
}
+ "signAndReturnQueryString:Signed Querystring: "
+ queryString);
}
return queryString;
}
/**
* Verifies signature on the request.
* @param request <code>HttpServletRequest</code> object
* @param cert Signer's certificate.
* @return <code>true</code> if the signature is valid; <code>false</code>
* otherwise.
*/
public static boolean verifyRequestSignature(
)
{
try{
// to make sure always use the public key in provider's
// configuration to verify signature
"FSSignatureUtil.verifyRequestSignature: "
+ "couldn't obtain this site's cert.");
}
return false;
}
}
}
{
return false;
}
} else {
"FSSignatureUtil.signAndReturnQueryString: "
+ "Invalid signature algorithim");
return false;
}
+ "queryString to be verifed:" + queryString);
}
+ "Signature: " + encSig);
}
+ "String to be verified: " + newQueryString);
}
cert);
}catch(Exception e){
+ "Exception occured while verifying SP's signature:" , e);
return false;
}
}
}