Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java84
1 files changed, 39 insertions, 45 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
index 9385c945f..4a1cd45da 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
@@ -1,5 +1,6 @@
package at.gv.egovernment.moa.id.protocols.pvp2x.signer;
+import iaik.pkcs.pkcs12.PKCS12;
import iaik.x509.X509Certificate;
import java.io.File;
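Review bot: The added `import iaik.pkcs.pkcs12.PKCS12;` is not referenced by any new line in the hunks shown here, since the keystore is loaded through `KeyStoreUtils.loadKeyStore(...)` instead. If nothing outside the visible hunks uses it, drop the import so the class does not appear to depend on a PKCS#12 parser it never calls.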
@@ -22,35 +23,30 @@ import org.opensaml.xml.signature.SignatureConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.KeyStoreUtils;
public class CredentialProvider {
- public static Credential getIDPSigningCredential() throws CredentialsNotAvailableException {
+ public static Credential getIDPSigningCredential()
+ throws CredentialsNotAvailableException {
KeyStore keyStore;
PVPConfiguration config = PVPConfiguration.getInstance();
try {
- keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+ keyStore = KeyStoreUtils.loadKeyStore(config.getIDPKeyStoreFilename(),
+ config.getIDPKeyStorePassword());
- FileInputStream inputStream = new FileInputStream(
- config.getIDPKeyStoreFilename());
- keyStore.load(inputStream, config.getIDPKeyStorePassword().toCharArray());
- inputStream.close();
+ KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(
+ keyStore, config.getIDPKeyAlias(), config
+ .getIDPKeyPassword().toCharArray());
- KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(keyStore, config.getIDPKeyAlias(),
- config.getIDPKeyPassword().toCharArray());
- //PrivateKey key = (PrivateKey) keyStore.getKey(config.getIDPKeyAlias(),
- // config.getIDPKeyPassword().toCharArray());
- //Certificate cert = keyStore.getCertificate(config.getIDPKeyAlias());
- //credentials.setPublicKey(cert.getPublicKey());
- //credentials.setPrivateKey(key);
credentials.setUsageType(UsageType.SIGNING);
return credentials;
- } catch(Exception e) {
+ } catch (Exception e) {
Logger.error("Failed to generate IDP Signing credentials");
e.printStackTrace();
throw new CredentialsNotAvailableException(e.getMessage(), null);
}
}
-
+
public static Signature getIDPSignature(Credential credentials) {
Signature signer = SAML2Utils.createSAMLObject(Signature.class);
signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
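Review bot: The `catch (Exception e)` in getIDPSigningCredential is the only error path for loading the IdP signing key, and it still writes the stack trace to stderr with `e.printStackTrace()` and rethrows with just `e.getMessage()` and a `null` second argument. With the load now delegated to `KeyStoreUtils.loadKeyStore(...)`, a missing configuration value or a null keystore (whether the helper can return null is not visible here) would surface as a NullPointerException whose message is null, so the caller gets a CredentialsNotAvailableException with no reason at all. Route the exception through the application log instead, e.g. `Logger.error("Failed to generate IDP Signing credentials", e);` if Logger offers an overload taking a Throwable. Consider also checking the keystore and key password for null before building the adapter, so the failure names the missing setting. The same printStackTrace/`getMessage()` pattern appears in the catch blocks of getSPTrustedCredential in the last hunk; getIDPSignature continues past the end of this hunk.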
@@ -58,10 +54,12 @@ public class CredentialProvider {
signer.setSigningCredential(credentials);
return signer;
}
-
- public static Credential getSPTrustedCredential(String entityID) throws CredentialsNotAvailableException {
- String filename = PVPConfiguration.getInstance().getTrustEntityCertificate(entityID);
-
+
+ public static Credential getSPTrustedCredential(String entityID)
+ throws CredentialsNotAvailableException {
+ String filename = PVPConfiguration.getInstance()
+ .getTrustEntityCertificate(entityID);
+
iaik.x509.X509Certificate cert;
try {
cert = new X509Certificate(new FileInputStream(new File(filename)));
@@ -75,37 +73,33 @@ public class CredentialProvider {
e.printStackTrace();
throw new CredentialsNotAvailableException(e.getMessage(), null);
}
-
+
BasicX509Credential credential = new BasicX509Credential();
credential.setEntityId(entityID);
credential.setUsageType(UsageType.SIGNING);
credential.setPublicKey(cert.getPublicKey());
-
+
return credential;
}
/*
- public static Credential getTrustedCredential() throws CredentialsNotAvailableException {
- String filename = PVPConfiguration.getInstance().getTrustEntityCertificate("sp.crt");
-
- iaik.x509.X509Certificate cert;
- try {
- cert = new X509Certificate(new FileInputStream(new File(filename)));
- } catch (CertificateException e) {
- e.printStackTrace();
- throw new CredentialsNotAvailableException(e.getMessage(), null);
- } catch (FileNotFoundException e) {
- e.printStackTrace();
- throw new CredentialsNotAvailableException(e.getMessage(), null);
- } catch (IOException e) {
- e.printStackTrace();
- throw new CredentialsNotAvailableException(e.getMessage(), null);
- }
-
- BasicX509Credential credential = new BasicX509Credential();
- credential.setEntityId("sp.crt");
- credential.setUsageType(UsageType.SIGNING);
- credential.setPublicKey(cert.getPublicKey());
-
- return credential;
- }*/
+ * public static Credential getTrustedCredential() throws
+ * CredentialsNotAvailableException { String filename =
+ * PVPConfiguration.getInstance().getTrustEntityCertificate("sp.crt");
+ *
+ * iaik.x509.X509Certificate cert; try { cert = new X509Certificate(new
+ * FileInputStream(new File(filename))); } catch (CertificateException e) {
+ * e.printStackTrace(); throw new
+ * CredentialsNotAvailableException(e.getMessage(), null); } catch
+ * (FileNotFoundException e) { e.printStackTrace(); throw new
+ * CredentialsNotAvailableException(e.getMessage(), null); } catch
+ * (IOException e) { e.printStackTrace(); throw new
+ * CredentialsNotAvailableException(e.getMessage(), null); }
+ *
+ * BasicX509Credential credential = new BasicX509Credential();
+ * credential.setEntityId("sp.crt");
+ * credential.setUsageType(UsageType.SIGNING);
+ * credential.setPublicKey(cert.getPublicKey());
+ *
+ * return credential; }
+ */
}
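Review bot: The block comment at the end of the class holds the disabled getTrustedCredential() method, and the reflow applied here has run its statements together so it can no longer be read or re-enabled as code. It hard-codes the entity id `"sp.crt"` and otherwise repeats the body of getSPTrustedCredential, so deleting the comment outright would be cleaner than reformatting it; version control keeps the old implementation. Leaving a stale trust-credential loader in the file, even commented out, also invites someone to revive a path that ignores the caller's entityID.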