Code failing to validate SAML Response on digest

jason.lyle Member Posts: 7
edited February 2017 in Java 8 Questions

I am attempting to write some Java code to verify the XML digital signature of a SAML response. I have verified the SAML response with other tools, so I know it is valid (excluding timing issues, not a factor to the digital signature). Below is the code I have used that I believe should be able to do this validation as well as the signature I am trying to validate.

When I run the code, I get the following output:

Signature 0:
..Signature failed core validation
....signature validation status: true
....ref[0, #id14167335278088961501144300] validation status: false

Signature 1:
..Signature passed core validation
....signature validation status: true
....ref[0, #id141673352781342501524143644] validation status: true

I have no idea why the digest for reference id14167335278088961501144300 is not validating. Can anyone shed some light on what I am doing wrong?

Note: I am loading the XSD from a URL in this example so I don't have to include 4 XSD files in my question. However, because of this, the program can take a minute to run. I know this slowdown can be eliminated with local XSD files, it just is not feasible to do that way with the posted code.

XMLDSigVerifier.java:

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.io.StringReader;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Iterator;

import javax.xml.XMLConstants;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.test.dsig.X509KeySelector;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.validation.Schema;
import javax.xml.validation.SchemaFactory;

import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;

import sun.security.provider.X509Factory;

public class XMLDSigVerifier {
    public static void main(String[] args) throws ParserConfigurationException, SAXException, IOException, KeyStoreException, MarshalException, XMLSignatureException, NoSuchAlgorithmException, CertificateException {
        //Get XML as a string, will be parameter in final version
        String sigString = new String(Files.readAllBytes(Paths.get("src/signature.xml")), StandardCharsets.UTF_8);
        InputSource is = new InputSource();
        is.setCharacterStream(new StringReader(sigString));

        //Get X509Certificate as a string, will be parameter in final version
        String samlCertString = "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----";
        X509Certificate samlCert;

        samlCert = parseCertificate(samlCertString);

        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

        ks.load(null, null);
        ks.setCertificateEntry("a", samlCert);

        SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
        // File xsd = new File("src/saml-schema-protocol-2.0.xsd");
        // Schema schema = schemaFactory.newSchema(xsd);
        Schema schema = schemaFactory.newSchema(new URL("http://docs.oasis-open.org/security/saml/v2.0/saml-schema-protocol-2.0.xsd"));
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        dbf.setSchema<span class="pun" 
style="color: #303336;">(</span><span class="pln" style="color: #303336;">schema</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/>   </span><span class="typ" style="color: #2b91af;">DocumentBuilder</span><span class="pln" style="color: #303336;"> builder </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> dbf</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">newDocumentBuilder</span><span class="pun" style="color: #303336;">();</span><span class="pln" style="color: #303336;"><br/>   </span><span class="typ" style="color: #2b91af;">Document</span><span class="pln" style="color: #303336;"> doc </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> builder</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">parse</span><span class="pun" style="color: #303336;">(</span><span class="pln" style="color: #303336;">is</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/><br/>   </span><span class="typ" style="color: #2b91af;">NodeList</span><span class="pln" style="color: #303336;"> signatureNodeList </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> doc</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">getElementsByTagNameNS</span><span class="pun" style="color: #303336;">(</span><span class="typ" style="color: #2b91af;">XMLSignature</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">XMLNS</span><span class="pun" style="color: #303336;">,</span><span class="pln" style="color: #303336;"> </span><span class="str" style="color: #7d2727;">"Signature"</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: 
#303336;"><br/>   </span><span class="typ" style="color: #2b91af;">Node</span><span class="pln" style="color: #303336;"> signatureNode</span><span class="pun" style="color: #303336;">;</span><span class="pln" style="color: #303336;"><br/><br/>   </span><span class="kwd" style="color: #101094;">for</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">(</span><span class="kwd" style="color: #101094;">int</span><span class="pln" style="color: #303336;"> sigIndex </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> </span><span class="lit" style="color: #7d2727;">0</span><span class="pun" style="color: #303336;">;</span><span class="pln" style="color: #303336;"> sigIndex </span><span class="pun" style="color: #303336;">&lt;</span><span class="pln" style="color: #303336;"> signatureNodeList</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">getLength</span><span class="pun" style="color: #303336;">();</span><span class="pln" style="color: #303336;"> sigIndex</span><span class="pun" style="color: #303336;">++)</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">{</span><span class="pln" style="color: #303336;"><br/>  signatureNode </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> signatureNodeList</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">item</span><span class="pun" style="color: #303336;">(</span><span class="pln" style="color: #303336;">sigIndex</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/><br/>   </span><span class="kwd" style="color: #101094;">if</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">(</span><span class="pln" style="color: #303336;">sigIndex </span><span 
class="pun" style="color: #303336;">&gt;</span><span class="pln" style="color: #303336;"> </span><span class="lit" style="color: #7d2727;">0</span><span class="pun" style="color: #303336;">)</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">{</span><span class="pln" style="color: #303336;"><br/>   </span><span class="typ" style="color: #2b91af;">System</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">out</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">println</span><span class="pun" style="color: #303336;">(</span><span class="str" style="color: #7d2727;">""</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/>   </span><span class="pun" style="color: #303336;">}</span><span class="pln" style="color: #303336;"><br/>   </span><span class="typ" style="color: #2b91af;">System</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">out</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">println</span><span class="pun" style="color: #303336;">(</span><span class="str" style="color: #7d2727;">"Signature "</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">+</span><span class="pln" style="color: #303336;"> sigIndex </span><span class="pun" style="color: #303336;">+</span><span class="pln" style="color: #303336;"> </span><span class="str" style="color: #7d2727;">":"</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/><br/>   </span><span class="typ" style="color: #2b91af;">DOMValidateContext</span><span class="pln" style="color: #303336;"> valContext </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> </span><span class="kwd" style="color: 
#101094;">new</span><span class="pln" style="color: #303336;"> </span><span class="typ" style="color: #2b91af;">DOMValidateContext</span><span class="pun" style="color: #303336;">(</span><span class="kwd" style="color: #101094;">new</span><span class="pln" style="color: #303336;"> X509KeySelector</span><span class="pun" style="color: #303336;">(</span><span class="pln" style="color: #303336;">ks</span><span class="pun" style="color: #303336;">),</span><span class="pln" style="color: #303336;"> signatureNode</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/>  valContext</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">setProperty</span><span class="pun" style="color: #303336;">(</span><span class="str" style="color: #7d2727;">"javax.xml.crypto.dsig.cacheReference"</span><span class="pun" style="color: #303336;">,</span><span class="pln" style="color: #303336;"> </span><span class="typ" style="color: #2b91af;">Boolean</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">TRUE</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/><br/>   </span><span class="typ" style="color: #2b91af;">XMLSignatureFactory</span><span class="pln" style="color: #303336;"> factory </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> </span><span class="typ" style="color: #2b91af;">XMLSignatureFactory</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">getInstance</span><span class="pun" style="color: #303336;">(</span><span class="str" style="color: #7d2727;">"DOM"</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/>   </span><span class="typ" style="color: #2b91af;">XMLSignature</span><span class="pln" style="color: #303336;"> signature </span><span 
class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> factory</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">unmarshalXMLSignature</span><span class="pun" style="color: #303336;">(</span><span class="pln" style="color: #303336;">valContext</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/>   </span><span class="kwd" style="color: #101094;">boolean</span><span class="pln" style="color: #303336;"> coreValidity </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> signature</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">validate</span><span class="pun" style="color: #303336;">(</span><span class="pln" style="color: #303336;">valContext</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/><br/>   </span><span class="com" style="color: #858c93;">//Check Validity</span><span class="pln" style="color: #303336;"><br/>   </span><span class="kwd" style="color: #101094;">if</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">(</span><span class="pln" style="color: #303336;">coreValidity </span><span class="pun" style="color: #303336;">==</span><span class="pln" style="color: #303336;"> </span><span class="kwd" style="color: #101094;">false</span><span class="pun" style="color: #303336;">)</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">{</span><span class="pln" style="color: #303336;"><br/>   </span><span class="typ" style="color: #2b91af;">System</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">err</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">println</span><span class="pun" style="color: 
#303336;">(</span><span class="str" style="color: #7d2727;">"..Signature failed core validation"</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/>   </span><span class="kwd" style="color: #101094;">try</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">{</span><span class="pln" style="color: #303336;"><br/>   </span><span class="com" style="color: #858c93;">//Sleep because of eclipse bug</span><span class="pln" style="color: #303336;"><br/>   </span><span class="typ" style="color: #2b91af;">Thread</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">sleep</span><span class="pun" style="color: #303336;">(</span><span class="lit" style="color: #7d2727;">5</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/>   </span><span class="pun" style="color: #303336;">}</span><span class="pln" style="color: #303336;"> </span><span class="kwd" style="color: #101094;">catch</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">(</span><span class="typ" style="color: #2b91af;">InterruptedException</span><span class="pln" style="color: #303336;"> e</span><span class="pun" style="color: #303336;">)</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">{</span><span class="pln" style="color: #303336;"><br/>  e</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">printStackTrace</span><span class="pun" style="color: #303336;">();</span><span class="pln" style="color: #303336;"><br/>   </span><span class="pun" style="color: #303336;">}</span><span class="pln" style="color: #303336;"><br/>   </span><span class="pun" style="color: #303336;">}</span><span class="pln" style="color: #303336;"> </span><span class="kwd" style="color: #101094;">else</span><span 
class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">{</span><span class="pln" style="color: #303336;"><br/>   </span><span class="typ" style="color: #2b91af;">System</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">out</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">println</span><span class="pun" style="color: #303336;">(</span><span class="str" style="color: #7d2727;">"..Signature passed core validation"</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/>   </span><span class="pun" style="color: #303336;">}</span><span class="pln" style="color: #303336;"> <br/><br/>   </span><span class="com" style="color: #858c93;">//Check validity Parts</span><span class="pln" style="color: #303336;"><br/>   </span><span class="com" style="color: #858c93;">//Validity Part 1: Check Signature Validation</span><span class="pln" style="color: #303336;"><br/>   </span><span class="kwd" style="color: #101094;">boolean</span><span class="pln" style="color: #303336;"> sv </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> signature</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">getSignatureValue</span><span class="pun" style="color: #303336;">().</span><span class="pln" style="color: #303336;">validate</span><span class="pun" style="color: #303336;">(</span><span class="pln" style="color: #303336;">valContext</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/>   </span><span class="typ" style="color: #2b91af;">System</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">out</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">println</span><span class="pun" 
style="color: #303336;">(</span><span class="str" style="color: #7d2727;">"....signature validation status: "</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">+</span><span class="pln" style="color: #303336;"> sv</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/><br/>   </span><span class="com" style="color: #858c93;">//Validity Part 2: Check References  </span><span class="pln" style="color: #303336;"><br/>   </span><span class="typ" style="color: #2b91af;">Iterator</span><span class="pun" style="color: #303336;">&lt;?&gt;</span><span class="pln" style="color: #303336;"> i </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> signature</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">getSignedInfo</span><span class="pun" style="color: #303336;">().</span><span class="pln" style="color: #303336;">getReferences</span><span class="pun" style="color: #303336;">().</span><span class="pln" style="color: #303336;">iterator</span><span class="pun" style="color: #303336;">();</span><span class="pln" style="color: #303336;"><br/>   </span><span class="kwd" style="color: #101094;">for</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">(</span><span class="kwd" style="color: #101094;">int</span><span class="pln" style="color: #303336;"> j </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> </span><span class="lit" style="color: #7d2727;">0</span><span class="pun" style="color: #303336;">;</span><span class="pln" style="color: #303336;"> i</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">hasNext</span><span class="pun" style="color: #303336;">();</span><span class="pln" style="color: #303336;"> j</span><span class="pun" style="color: 
#303336;">++)</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">{</span><span class="pln" style="color: #303336;"><br/>   </span><span class="typ" style="color: #2b91af;">Reference</span><span class="pln" style="color: #303336;"> ref </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">(</span><span class="typ" style="color: #2b91af;">Reference</span><span class="pun" style="color: #303336;">)</span><span class="pln" style="color: #303336;"> i</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">next</span><span class="pun" style="color: #303336;">();</span><span class="pln" style="color: #303336;"><br/>   </span><span class="kwd" style="color: #101094;">boolean</span><span class="pln" style="color: #303336;"> refValid </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> ref</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">validate</span><span class="pun" style="color: #303336;">(</span><span class="pln" style="color: #303336;">valContext</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/>   </span><span class="typ" style="color: #2b91af;">System</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">out</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">println</span><span class="pun" style="color: #303336;">(</span><span class="str" style="color: #7d2727;">"....ref["</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">+</span><span class="pln" style="color: #303336;"> j </span><span class="pun" style="color: #303336;">+</span><span class="pln" style="color: #303336;"> </span><span class="str" 
style="color: #7d2727;">", "</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">+</span><span class="pln" style="color: #303336;"> ref</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">getURI</span><span class="pun" style="color: #303336;">()</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">+</span><span class="pln" style="color: #303336;"> </span><span class="str" style="color: #7d2727;">"] validation status: "</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">+</span><span class="pln" style="color: #303336;"> refValid</span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/>   </span><span class="pun" style="color: #303336;">}</span><span class="pln" style="color: #303336;"><br/>   </span><span class="pun" style="color: #303336;">}</span><span class="pln" style="color: #303336;"><br/>   </span><span class="pun" style="color: #303336;">}</span><span class="pln" style="color: #303336;"><br/><br/>   </span><span class="kwd" style="color: #101094;">public</span><span class="pln" style="color: #303336;"> </span><span class="kwd" style="color: #101094;">static</span><span class="pln" style="color: #303336;"> X509Certificate parseCertificate</span><span class="pun" style="color: #303336;">(</span><span class="typ" style="color: #2b91af;">String</span><span class="pln" style="color: #303336;"> certStr</span><span class="pun" style="color: #303336;">)</span><span class="pln" style="color: #303336;"> </span><span class="kwd" style="color: #101094;">throws</span><span class="pln" style="color: #303336;"> </span><span class="typ" style="color: #2b91af;">CertificateException</span><span class="pun" style="color: #303336;">{</span><span class="pln" style="color: #303336;"><br/><br/>   </span><span class="kwd" style="color: 
#101094;">byte</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: #303336;">[]</span><span class="pln" style="color: #303336;"> decoded </span><span class="pun" style="color: #303336;">=</span><span class="pln" style="color: #303336;"> </span><span class="typ" style="color: #2b91af;">Base64</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">decode</span><span class="pun" style="color: #303336;">(</span><span class="pln" style="color: #303336;"><br/>  certStr<br/>   </span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">replaceAll</span><span class="pun" style="color: #303336;">(</span><span class="pln" style="color: #303336;">X509Factory</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">BEGIN_CERT</span><span class="pun" style="color: #303336;">,</span><span class="pln" style="color: #303336;"> </span><span class="str" style="color: #7d2727;">""</span><span class="pun" style="color: #303336;">)</span><span class="pln" style="color: #303336;"><br/>   </span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">replaceAll</span><span class="pun" style="color: #303336;">(</span><span class="pln" style="color: #303336;">X509Factory</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">END_CERT</span><span class="pun" style="color: #303336;">,</span><span class="pln" style="color: #303336;"> </span><span class="str" style="color: #7d2727;">""</span><span class="pun" style="color: #303336;">)</span><span class="pln" style="color: #303336;"><br/>   </span><span class="pun" style="color: #303336;">);</span><span class="pln" style="color: #303336;"><br/><br/>   </span><span class="kwd" style="color: #101094;">return</span><span class="pln" style="color: #303336;"> </span><span class="pun" style="color: 
#303336;">(</span><span class="pln" style="color: #303336;">X509Certificate</span><span class="pun" style="color: #303336;">)</span><span class="typ" style="color: #2b91af;">CertificateFactory</span><span class="pun" style="color: #303336;">.</span><span class="pln" style="color: #303336;">getInstance</span><span class="pun" style="color: #303336;">(</span><span class="str" style="color: #7d2727;">"X.509"</span><span class="pun" style="color: #303336;">).</span><span class="pln" style="color: #303336;">generateCertificate</span><span class="pun" style="color: #303336;">(</span><span class="kwd" style="color: #101094;">new</span><span class="pln" style="color: #303336;"> </span><span class="typ" style="color: #2b91af;">ByteArrayInputStream</span><span class="pun" style="color: #303336;">(</span><span class="pln" style="color: #303336;">decoded</span><span class="pun" style="color: #303336;">));</span><span class="pln" style="color: #303336;"><br/>   </span><span class="pun" style="color: #303336;">}</span><span class="pln" style="color: #303336;"><br/></span><span class="pun" style="color: #303336;">}</span>

signature.xml

<?xml version="1.0" encoding="UTF-8"?><saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="
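Added example, not part of the original post: the code above sets `javax.xml.crypto.dsig.cacheReference` but never reads the cached data. The program below uses that property to print, for each reference, the digest stored in the XML, the digest the validator recomputed, and the exact bytes that were hashed. The class name `DigestMismatchDiagnostics`, the two-element sample document and the generated RSA key are assumptions made for the demonstration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.util.Arrays;
import java.util.Base64;
import java.util.Collections;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

public class DigestMismatchDiagnostics {
    static final XMLSignatureFactory XSF = XMLSignatureFactory.getInstance("DOM");

    public static void main(String[] args) throws Exception {
        // Constructed sample document, not the SAML response from the post.
        String xml = "<Response ID=\"r1\"><Assertion>alice</Assertion></Response>";
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        Document doc = dbf.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        Element root = doc.getDocumentElement();
        root.setIdAttribute("ID", true); // register ID so URI="#r1" resolves

        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair(); // throwaway key for the demonstration
        sign(root, kp);

        report("as signed", doc, kp.getPublic());
        // Change the signed element after signing: SignedInfo is untouched, so the
        // SignatureValue still verifies and only the reference digest fails.
        root.getFirstChild().setTextContent("bob");
        report("after modification", doc, kp.getPublic());
    }

    // Enveloped signature over #r1 with exclusive C14N, the layout SAML responses use.
    static void sign(Element root, KeyPair kp) throws Exception {
        Reference ref = XSF.newReference("#r1",
                XSF.newDigestMethod(DigestMethod.SHA256, null),
                Arrays.asList(
                        XSF.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null),
                        XSF.newTransform(CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null)),
                null, null);
        SignedInfo si = XSF.newSignedInfo(
                XSF.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null),
                XSF.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", null),
                Collections.singletonList(ref));
        XSF.newXMLSignature(si, null).sign(new DOMSignContext(kp.getPrivate(), root));
    }

    static boolean report(String label, Document doc, PublicKey trusted) throws Exception {
        Node sigNode = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature").item(0);
        // Pin the verification key rather than trusting KeyInfo carried in the message.
        DOMValidateContext ctx = new DOMValidateContext(KeySelector.singletonKeySelector(trusted), sigNode);
        ctx.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
        XMLSignature sig = XSF.unmarshalXMLSignature(ctx);
        boolean core = sig.validate(ctx);
        System.out.println(label + ": core validity = " + core
                + ", SignatureValue valid = " + sig.getSignatureValue().validate(ctx));
        for (Object o : sig.getSignedInfo().getReferences()) {
            Reference ref = (Reference) o;
            System.out.println("  ref " + ref.getURI() + " valid = " + ref.validate(ctx));
            System.out.println("    DigestValue in XML: " + b64(ref.getDigestValue()));
            System.out.println("    digest recomputed : " + b64(ref.getCalculatedDigestValue()));
            // Bytes that were actually hashed, after all transforms were applied.
            ByteArrayOutputStream buf = new ByteArrayOutputStream();
            try (InputStream in = ref.getDigestInputStream()) {
                byte[] chunk = new byte[4096];
                for (int n; (n = in.read(chunk)) != -1; ) {
                    buf.write(chunk, 0, n);
                }
            }
            System.out.println("    pre-digest bytes  : " + new String(buf.toByteArray(), StandardCharsets.UTF_8));
        }
        return core;
    }

    static String b64(byte[] bytes) {
        return Base64.getEncoder().encodeToString(bytes);
    }
}
```

The second report shows the same pattern as Signature 0 in the post's output: the SignatureValue verifies while the reference does not. Diffing the printed pre-digest bytes against the canonical form the signer hashed shows what changed between signing and validation.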