diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/KeyStoreCredentialProvider.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/KeyStoreCredentialProvider.java | 126 |
1 files changed, 126 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/KeyStoreCredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/KeyStoreCredentialProvider.java new file mode 100644 index 000000000..467210b4d --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/KeyStoreCredentialProvider.java @@ -0,0 +1,126 @@ +/* + * Copyright 2011 by Graz University of Technology, Austria + * The Austrian STORK Modules have been developed by the E-Government + * Innovation Center EGIZ, a joint initiative of the Federal Chancellery + * Austria and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.auth.stork;
+
+import java.security.KeyStore; +import java.security.PrivateKey; +import java.security.cert.X509Certificate; + +import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.security.x509.BasicX509Credential; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egovernment.moa.util.KeyStoreUtils; +import at.gv.egovernment.moa.util.StringUtils; +import eu.stork.vidp.messages.exception.SAMLException; +
+/** + * Provides credentials from a KeyStore + * @author bzwattendorfer + * + */
+public class KeyStoreCredentialProvider implements CredentialProvider {
+
+ private final static Logger log = LoggerFactory.getLogger(KeyStoreCredentialProvider.class);
+ + /** KeyStore Path */
+ private String keyStorePath;
+ + /** KeyStore Password */
+ private String keyStorePassword;
+ + /** Specific Key Name as Credential */
+ private String keyName;
+ + /** Key password */
+ private String keyPassword;
+
+ /** + * Creates a KeyStoreCredentialProvider object + * @param keyStorePath KeyStore Path + * @param keyStorePassword KeyStore Password + * @param keyName KeyName of the key to be retrieved + * @param keyPassword Password for the Key + */
+ public KeyStoreCredentialProvider(String keyStorePath,
+ String keyStorePassword, String keyName, String keyPassword) {
+ super();
+ this.keyStorePath = keyStorePath;
+ this.keyStorePassword = keyStorePassword;
+ this.keyName = keyName;
+ this.keyPassword = keyPassword;
+ }
+
+ + /** + * Gets the credential object from the KeyStore + */
+ public Credential getCredential() throws SAMLException {
+ log.trace("Retrieving credentials for signing SAML Response.");
+
+ if (StringUtils.isEmpty(this.keyStorePath))
+ throw new SAMLException("No keyStorePath specified");
+ + //KeyStorePassword optional
+ //if (StringUtils.isEmpty(this.keyStorePassword))
+ // throw new SAMLException("No keyStorePassword specified");
+
+ if (StringUtils.isEmpty(this.keyName))
+ throw new SAMLException("No keyName specified");
+ + //KeyStorePassword optional
+ //if (StringUtils.isEmpty(this.keyPassword))
+ // throw new SAMLException("No keyPassword specified");
+
+ KeyStore ks;
+ try {
+ ks = KeyStoreUtils.loadKeyStore(this.keyStorePath, this.keyStorePassword);
+ } catch (Exception e) {
+ log.error("Failed to load keystore information", e);
+ throw new SAMLException(e);
+ }
+
+ //return new KeyStoreX509CredentialAdapter(ks, keyName, keyPwd.toCharArray());
+ BasicX509Credential credential = null;
+ try {
+ java.security.cert.X509Certificate certificate = (X509Certificate) ks.getCertificate(this.keyName);
+ PrivateKey privateKey = (PrivateKey) ks.getKey(this.keyName, this.keyPassword.toCharArray());
+ credential = new BasicX509Credential();
+ credential.setEntityCertificate(certificate);
+ credential.setPrivateKey(privateKey);
+
+ } catch (Exception e) {
+ log.error("Error retrieving signing credentials.", e);
+ throw new SAMLException(e);
+ }
+
+ return credential;
+
+ } + + +}
|