From bee5dd259a4438d45ecd1bcc26dfba12875236d6 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 26 Jun 2018 11:03:48 +0200
Subject: initial commit

---
 .../pvp2/impl/validation/TrustEngineFactory.java   | 41 ++++++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java

(limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java')

diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java
new file mode 100644
index 00000000..529f1ab6
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java
@@ -0,0 +1,41 @@
+/*******************************************************************************
+ *******************************************************************************/
+package at.gv.egiz.eaaf.modules.pvp2.impl.validation;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.opensaml.saml2.metadata.provider.MetadataProvider;
+import org.opensaml.security.MetadataCredentialResolver;
+import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver;
+import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
+import org.opensaml.xml.security.keyinfo.KeyInfoProvider;
+import org.opensaml.xml.security.keyinfo.provider.DSAKeyValueProvider;
+import org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider;
+import org.opensaml.xml.security.keyinfo.provider.RSAKeyValueProvider;
+import org.opensaml.xml.signature.SignatureTrustEngine;
+import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;
+
+public class TrustEngineFactory {
+
+	public static SignatureTrustEngine getSignatureKnownKeysTrustEngine(MetadataProvider provider) {
+		MetadataCredentialResolver resolver;
+
+		resolver = new MetadataCredentialResolver(provider);
+
+		List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>();
+		keyInfoProvider.add(new DSAKeyValueProvider());
+		keyInfoProvider.add(new RSAKeyValueProvider());
+		keyInfoProvider.add(new InlineX509DataProvider());
+
+		KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
+				keyInfoProvider);
+
+		ExplicitKeySignatureTrustEngine engine = new ExplicitKeySignatureTrustEngine(
+				resolver, keyInfoResolver);
+
+		return engine;
+
+	}
+
+}
-- 
cgit v1.2.3