diff options
| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-04-15 13:29:20 +0200 |
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-04-15 13:29:20 +0200 |
| commit | c1b2382fcecd5bc47935ad46e16824802cfadeb2 (patch) | |
| tree | ebeb43a02d12c263cbb03f73a94341710188ca96 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java | |
| parent | 25de471cd8bf27d0cfa084edd29018596c804861 (diff) | |
| download | moa-id-spss-c1b2382fcecd5bc47935ad46e16824802cfadeb2.tar.gz moa-id-spss-c1b2382fcecd5bc47935ad46e16824802cfadeb2.tar.bz2 moa-id-spss-c1b2382fcecd5bc47935ad46e16824802cfadeb2.zip | |
add pvp2.1 configuration fpr assertion encryption key in moa-id.properties
update handbook pvp2.1 configuration
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java index d95e21a0e..48e435777 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java @@ -39,6 +39,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.KeyStoreUtils; +import at.gv.egovernment.moa.util.MiscUtil; public class CredentialProvider { @@ -86,7 +87,32 @@ public class CredentialProvider { throw new CredentialsNotAvailableException(e.getMessage(), null); } } - + + public static X509Credential getIDPAssertionEncryptionCredential() + throws CredentialsNotAvailableException { + PVPConfiguration config = PVPConfiguration.getInstance(); + try { + if (keyStore == null) + keyStore = KeyStoreUtils.loadKeyStore(config.getIDPKeyStoreFilename(), + config.getIDPKeyStorePassword()); + + //if no encryption key is configured return null + if (MiscUtil.isEmpty(config.getIDPKeyAliasAssertionEncryption())) + return null; + + MOAKeyStoreX509CredentialAdapter credentials = new MOAKeyStoreX509CredentialAdapter( + keyStore, config.getIDPKeyAliasAssertionEncryption(), config + .getIDPKeyPasswordAssertionEncryption().toCharArray()); + + credentials.setUsageType(UsageType.ENCRYPTION); + return (X509Credential) credentials; + } catch (Exception e) { + Logger.error("Failed to generate IDP Assertion Encryption credentials"); + e.printStackTrace(); + throw new CredentialsNotAvailableException(e.getMessage(), null); + } + } + public static Signature getIDPSignature(Credential credentials) { PrivateKey privatekey = credentials.getPrivateKey(); |