aboutsummaryrefslogtreecommitdiff
path: root/id/server
diff options
context:
space:
mode:
authorAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2013-06-27 17:53:28 +0200
committerAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2013-06-27 17:53:28 +0200
commit4ebecf480d17550d93165ab17c249cd2caed9e5b (patch)
treefa4c0979d305691e24b6ea65024d97422930cf1d /id/server
parent6c7a9ddcb9d8fe7872ee591191c5a024107300bd (diff)
downloadmoa-id-spss-4ebecf480d17550d93165ab17c249cd2caed9e5b.tar.gz
moa-id-spss-4ebecf480d17550d93165ab17c249cd2caed9e5b.tar.bz2
moa-id-spss-4ebecf480d17550d93165ab17c249cd2caed9e5b.zip
Support for PKCS12, DOC update1.9.90-SNAPSHOT
Diffstat (limited to 'id/server')
-rw-r--r--id/server/doc/MOA-ID_PreRelease_1_9_90_SNAPSHOT.docxbin117063 -> 117624 bytes
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java84
-rw-r--r--id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/util/SAMLUtil.java2
4 files changed, 39 insertions, 55 deletions
diff --git a/id/server/doc/MOA-ID_PreRelease_1_9_90_SNAPSHOT.docx b/id/server/doc/MOA-ID_PreRelease_1_9_90_SNAPSHOT.docx
index aa52f89c9..9c63cd941 100644
--- a/id/server/doc/MOA-ID_PreRelease_1_9_90_SNAPSHOT.docx
+++ b/id/server/doc/MOA-ID_PreRelease_1_9_90_SNAPSHOT.docx
Binary files differ
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 36a8d0d6b..e1c46f295 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -1,23 +1,15 @@
package at.gv.egovernment.moa.id.entrypoints;
import java.io.IOException;
-import java.io.PrintWriter;
import java.util.Iterator;
-import javax.servlet.RequestDispatcher;
import javax.servlet.ServletConfig;
-import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
-import org.apache.log4j.config.PropertyPrinter;
-
-import eu.stork.vidp.messages.common.STORKBootstrap;
-
import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
import at.gv.egovernment.moa.id.auth.WrongParametersException;
import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
index 9385c945f..4a1cd45da 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
@@ -1,5 +1,6 @@
package at.gv.egovernment.moa.id.protocols.pvp2x.signer;
+import iaik.pkcs.pkcs12.PKCS12;
import iaik.x509.X509Certificate;
import java.io.File;
@@ -22,35 +23,30 @@ import org.opensaml.xml.signature.SignatureConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.KeyStoreUtils;
public class CredentialProvider {
- public static Credential getIDPSigningCredential() throws CredentialsNotAvailableException {
+ public static Credential getIDPSigningCredential()
+ throws CredentialsNotAvailableException {
KeyStore keyStore;
PVPConfiguration config = PVPConfiguration.getInstance();
try {
- keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+ keyStore = KeyStoreUtils.loadKeyStore(config.getIDPKeyStoreFilename(),
+ config.getIDPKeyStorePassword());
- FileInputStream inputStream = new FileInputStream(
- config.getIDPKeyStoreFilename());
- keyStore.load(inputStream, config.getIDPKeyStorePassword().toCharArray());
- inputStream.close();
+ KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(
+ keyStore, config.getIDPKeyAlias(), config
+ .getIDPKeyPassword().toCharArray());
- KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(keyStore, config.getIDPKeyAlias(),
- config.getIDPKeyPassword().toCharArray());
- //PrivateKey key = (PrivateKey) keyStore.getKey(config.getIDPKeyAlias(),
- // config.getIDPKeyPassword().toCharArray());
- //Certificate cert = keyStore.getCertificate(config.getIDPKeyAlias());
- //credentials.setPublicKey(cert.getPublicKey());
- //credentials.setPrivateKey(key);
credentials.setUsageType(UsageType.SIGNING);
return credentials;
- } catch(Exception e) {
+ } catch (Exception e) {
Logger.error("Failed to generate IDP Signing credentials");
e.printStackTrace();
throw new CredentialsNotAvailableException(e.getMessage(), null);
}
}
-
+
public static Signature getIDPSignature(Credential credentials) {
Signature signer = SAML2Utils.createSAMLObject(Signature.class);
signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
@@ -58,10 +54,12 @@ public class CredentialProvider {
signer.setSigningCredential(credentials);
return signer;
}
-
- public static Credential getSPTrustedCredential(String entityID) throws CredentialsNotAvailableException {
- String filename = PVPConfiguration.getInstance().getTrustEntityCertificate(entityID);
-
+
+ public static Credential getSPTrustedCredential(String entityID)
+ throws CredentialsNotAvailableException {
+ String filename = PVPConfiguration.getInstance()
+ .getTrustEntityCertificate(entityID);
+
iaik.x509.X509Certificate cert;
try {
cert = new X509Certificate(new FileInputStream(new File(filename)));
@@ -75,37 +73,33 @@ public class CredentialProvider {
e.printStackTrace();
throw new CredentialsNotAvailableException(e.getMessage(), null);
}
-
+
BasicX509Credential credential = new BasicX509Credential();
credential.setEntityId(entityID);
credential.setUsageType(UsageType.SIGNING);
credential.setPublicKey(cert.getPublicKey());
-
+
return credential;
}
/*
- public static Credential getTrustedCredential() throws CredentialsNotAvailableException {
- String filename = PVPConfiguration.getInstance().getTrustEntityCertificate("sp.crt");
-
- iaik.x509.X509Certificate cert;
- try {
- cert = new X509Certificate(new FileInputStream(new File(filename)));
- } catch (CertificateException e) {
- e.printStackTrace();
- throw new CredentialsNotAvailableException(e.getMessage(), null);
- } catch (FileNotFoundException e) {
- e.printStackTrace();
- throw new CredentialsNotAvailableException(e.getMessage(), null);
- } catch (IOException e) {
- e.printStackTrace();
- throw new CredentialsNotAvailableException(e.getMessage(), null);
- }
-
- BasicX509Credential credential = new BasicX509Credential();
- credential.setEntityId("sp.crt");
- credential.setUsageType(UsageType.SIGNING);
- credential.setPublicKey(cert.getPublicKey());
-
- return credential;
- }*/
+ * public static Credential getTrustedCredential() throws
+ * CredentialsNotAvailableException { String filename =
+ * PVPConfiguration.getInstance().getTrustEntityCertificate("sp.crt");
+ *
+ * iaik.x509.X509Certificate cert; try { cert = new X509Certificate(new
+ * FileInputStream(new File(filename))); } catch (CertificateException e) {
+ * e.printStackTrace(); throw new
+ * CredentialsNotAvailableException(e.getMessage(), null); } catch
+ * (FileNotFoundException e) { e.printStackTrace(); throw new
+ * CredentialsNotAvailableException(e.getMessage(), null); } catch
+ * (IOException e) { e.printStackTrace(); throw new
+ * CredentialsNotAvailableException(e.getMessage(), null); }
+ *
+ * BasicX509Credential credential = new BasicX509Credential();
+ * credential.setEntityId("sp.crt");
+ * credential.setUsageType(UsageType.SIGNING);
+ * credential.setPublicKey(cert.getPublicKey());
+ *
+ * return credential; }
+ */
}
diff --git a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/util/SAMLUtil.java b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/util/SAMLUtil.java
index a3ab2fb1b..faff5e7bd 100644
--- a/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/util/SAMLUtil.java
+++ b/id/server/stork-saml-engine/src/main/java/eu/stork/vidp/messages/util/SAMLUtil.java
@@ -397,8 +397,6 @@ public class SAMLUtil {
}
}
-
-
return reqAttrList;
}