author | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2013-06-05 10:51:23 +0200 |
---|---|---|
committer | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2013-06-05 10:51:23 +0200 |
commit | bdc7311ce86c6d39c3ff96b38c33b36ee6a28d1d (patch) | |
tree | 4f72690ba50d39b68f7e692ff2d1cad28f8d87f1 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer | |
parent | 7489cb6721d99d997679fc7905f40acb7b296e98 (diff) | |
Add SAML attribute constants and a dynamic attribute-building system; take metadata attributes into account when building the AuthnResponse
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java | 75 |
1 files changed, 67 insertions, 8 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
index ec65f6bce..5f9f4d63b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
@@ -1,13 +1,21 @@
 package at.gv.egovernment.moa.id.protocols.pvp2x.signer;
+import iaik.x509.X509Certificate;
+
+import java.io.File;
 import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
 import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+
+import javax.jws.soap.SOAPBinding.Use;
-import org.opensaml.xml.security.credential.BasicCredential;
 import org.opensaml.xml.security.credential.Credential;
 import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter;
+import org.opensaml.xml.security.x509.X509Credential;
 import org.opensaml.xml.signature.Signature;
 import org.opensaml.xml.signature.SignatureConstants;
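Review bot: `import javax.jws.soap.SOAPBinding.Use;` is not referenced by any of the changes this commit makes to the file and looks like an IDE auto-import accident; it pulls a JAX-WS type into a signer class and should be dropped. The same check applies to `org.opensaml.xml.security.x509.X509Credential`, which none of the visible hunks use — remove it too unless a part of the file outside this diff relies on it.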
@@ -27,12 +35,13 @@ public class CredentialProvider {
 keyStore.load(inputStream, config.getIDPKeyStorePassword().toCharArray());
 inputStream.close();
- BasicCredential credentials = new BasicCredential();
- PrivateKey key = (PrivateKey) keyStore.getKey(config.getIDPKeyAlias(),
+ KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(keyStore, config.getIDPKeyAlias(),
 config.getIDPKeyPassword().toCharArray());
- Certificate cert = keyStore.getCertificate(config.getIDPKeyAlias());
- credentials.setPublicKey(cert.getPublicKey());
- credentials.setPrivateKey(key);
+ //PrivateKey key = (PrivateKey) keyStore.getKey(config.getIDPKeyAlias(),
+ // config.getIDPKeyPassword().toCharArray());
+ //Certificate cert = keyStore.getCertificate(config.getIDPKeyAlias());
+ //credentials.setPublicKey(cert.getPublicKey());
+ //credentials.setPrivateKey(key);
 credentials.setUsageType(UsageType.SIGNING);
 return credentials;
 } catch(Exception e) {
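Review bot: The five commented-out lines that replaced the old `PrivateKey`/`Certificate` extraction should be deleted rather than kept as comments; version control holds the history and dead code next to the new `KeyStoreX509CredentialAdapter` construction only invites confusion about which path is live. Separately, `inputStream.close()` is reached only when `keyStore.load(...)` succeeds — on the exception path the `FileInputStream` leaks into the `catch(Exception e)` block, so the close belongs in a `finally` (or a try-with-resources if the build targets Java 7+). The enclosing method begins and the catch block ends outside this hunk.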
@@ -49,4 +58,54 @@ public class CredentialProvider {
 signer.setSigningCredential(credentials);
 return signer;
 }
+
+ public static Credential getSPTrustedCredential(String entityID) throws CredentialsNotAvailableException {
+ String filename = PVPConfiguration.getInstance().getTrustEntityCertificate(entityID);
+
+ iaik.x509.X509Certificate cert;
+ try {
+ cert = new X509Certificate(new FileInputStream(new File(filename)));
+ } catch (CertificateException e) {
+ e.printStackTrace();
+ throw new CredentialsNotAvailableException(e.getMessage(), null);
+ } catch (FileNotFoundException e) {
+ e.printStackTrace();
+ throw new CredentialsNotAvailableException(e.getMessage(), null);
+ } catch (IOException e) {
+ e.printStackTrace();
+ throw new CredentialsNotAvailableException(e.getMessage(), null);
+ }
+
+ BasicX509Credential credential = new BasicX509Credential();
+ credential.setEntityId(entityID);
+ credential.setUsageType(UsageType.SIGNING);
+ credential.setPublicKey(cert.getPublicKey());
+
+ return credential;
+ }
+
+ public static Credential getTrustedCredential() throws CredentialsNotAvailableException {
+ String filename = PVPConfiguration.getInstance().getTrustEntityCertificate("sp.crt");
+
+ iaik.x509.X509Certificate cert;
+ try {
+ cert = new X509Certificate(new FileInputStream(new File(filename)));
+ } catch (CertificateException e) {
+ e.printStackTrace();
+ throw new CredentialsNotAvailableException(e.getMessage(), null);
+ } catch (FileNotFoundException e) {
+ e.printStackTrace();
+ throw new CredentialsNotAvailableException(e.getMessage(), null);
+ } catch (IOException e) {
+ e.printStackTrace();
+ throw new CredentialsNotAvailableException(e.getMessage(), null);
+ }
+
+ BasicX509Credential credential = new BasicX509Credential();
+ credential.setEntityId("sp.crt");
+ credential.setUsageType(UsageType.SIGNING);
+ credential.setPublicKey(cert.getPublicKey());
+
+ return credential;
+ }
 } |
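Review bot: In both new methods the `FileInputStream` handed to `new X509Certificate(...)` is never closed, and a `null` return from `getTrustEntityCertificate(entityID)` (no certificate configured for that entity) surfaces as a `NullPointerException` from `new File(null)` rather than the declared `CredentialsNotAvailableException`. Because `entityID` is normally taken from the peer's SAML Issuer it should be treated as untrusted input: a missing mapping must fail closed as above, and if `getTrustEntityCertificate` builds a filesystem path from it, a traversal check against the trust directory belongs there (that method is not in this diff, so please confirm). `getTrustedCredential()` is a verbatim copy keyed on the literal `"sp.crt"`, which duplicates the code and makes one fixed certificate the trusted signer regardless of entity — if it is a development fallback it should be marked as such, and it can in any case collapse to `return getSPTrustedCredential("sp.crt");`. `e.printStackTrace()` should give way to the project logger, and if `CredentialsNotAvailableException` has a wrapping constructor the original exception should be preserved as cause instead of only `e.getMessage()`. The rewrite below closes the stream on every path and fails closed on a missing mapping; the credential-building tail is unchanged.

```java
public static Credential getSPTrustedCredential(String entityID) throws CredentialsNotAvailableException {
    String filename = PVPConfiguration.getInstance().getTrustEntityCertificate(entityID);
    // No mapping for this entity: report it through the declared exception, not an NPE from new File(null).
    if (filename == null) {
        throw new CredentialsNotAvailableException("No trusted certificate configured for " + entityID, null);
    }

    iaik.x509.X509Certificate cert;
    FileInputStream in = null;
    try {
        in = new FileInputStream(new File(filename));
        cert = new X509Certificate(in);
    } catch (CertificateException e) {
        // TODO: log e via the project logger instead of printStackTrace()
        throw new CredentialsNotAvailableException(e.getMessage(), null);
    } catch (IOException e) { // also covers FileNotFoundException
        throw new CredentialsNotAvailableException(e.getMessage(), null);
    } finally {
        if (in != null) {
            try { in.close(); } catch (IOException ignored) { /* certificate already parsed or error already raised */ }
        }
    }

    // … unchanged: BasicX509Credential construction, setEntityId/setUsageType/setPublicKey, return …
}

public static Credential getTrustedCredential() throws CredentialsNotAvailableException {
    return getSPTrustedCredential("sp.crt");
}
```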