Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
new file mode 100644
index 000000000..ec65f6bce
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
@@ -0,0 +1,52 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.signer;
+
+import java.io.FileInputStream;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
+
+import org.opensaml.xml.security.credential.BasicCredential;
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureConstants;
+
+import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+import at.gv.egovernment.moa.logging.Logger;
+
+public class CredentialProvider {
+ public static Credential getIDPSigningCredential() throws CredentialsNotAvailableException {
+ KeyStore keyStore;
+ PVPConfiguration config = PVPConfiguration.getInstance();
+ try {
+ keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+
+ FileInputStream inputStream = new FileInputStream(
+ config.getIDPKeyStoreFilename());
+ keyStore.load(inputStream, config.getIDPKeyStorePassword().toCharArray());
+ inputStream.close();
+
+ BasicCredential credentials = new BasicCredential();
+ PrivateKey key = (PrivateKey) keyStore.getKey(config.getIDPKeyAlias(),
+ config.getIDPKeyPassword().toCharArray());
+ Certificate cert = keyStore.getCertificate(config.getIDPKeyAlias());
+ credentials.setPublicKey(cert.getPublicKey());
+ credentials.setPrivateKey(key);
+ credentials.setUsageType(UsageType.SIGNING);
+ return credentials;
+ } catch(Exception e) {
+ Logger.error("Failed to generate IDP Signing credentials");
+ e.printStackTrace();
+ throw new CredentialsNotAvailableException(e.getMessage(), null);
+ }
+ }
+
+ public static Signature getIDPSignature(Credential credentials) {
+ Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+ signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ signer.setSigningCredential(credentials);
+ return signer;
+ }
+}
|
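Review bot: In getIDPSigningCredential the FileInputStream is closed only on the success path — `inputStream.close()` follows `keyStore.load(...)` inside the try, so a load failure (wrong keystore password, unreadable file) leaves the handle open. The catch block also loses the failure context: the new CredentialsNotAvailableException is built from `e.getMessage()` with `null` as its second argument and the stack trace goes to stderr via printStackTrace rather than through the logger, so an operator diagnosing why the IdP cannot sign has no cause chain in the logs; whether the constructor's second parameter can carry `e` is not visible in this hunk. A further gap is that `keyStore.getKey` and `keyStore.getCertificate` return null for an alias that is not in the store, which surfaces as a NullPointerException with a null message through this same catch — a check such as `if (key == null || cert == null) { throw new CredentialsNotAvailableException("No key/certificate for alias " + config.getIDPKeyAlias(), null); }` gives a usable error. The excerpt below moves the close into a finally block; try-with-resources is the equivalent modern form if the project targets Java 7 or later.
```java
 try {
 keyStore = KeyStore.getInstance(KeyStore.getDefaultType());

 FileInputStream inputStream = new FileInputStream(
 config.getIDPKeyStoreFilename());
 try {
 keyStore.load(inputStream, config.getIDPKeyStorePassword().toCharArray());
 } finally {
 inputStream.close();
 }
 // … unchanged: BasicCredential construction and return …
 } catch(Exception e) {
 // … unchanged: logging and rethrow …
 }
```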