Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java52
1 files changed, 52 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
new file mode 100644
index 000000000..ec65f6bce
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
@@ -0,0 +1,52 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.signer;
+
+import java.io.FileInputStream;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
+
+import org.opensaml.xml.security.credential.BasicCredential;
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureConstants;
+
+import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+import at.gv.egovernment.moa.logging.Logger;
+
+public class CredentialProvider {
+ public static Credential getIDPSigningCredential() throws CredentialsNotAvailableException {
+ KeyStore keyStore;
+ PVPConfiguration config = PVPConfiguration.getInstance();
+ try {
+ keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+
+ FileInputStream inputStream = new FileInputStream(
+ config.getIDPKeyStoreFilename());
+ keyStore.load(inputStream, config.getIDPKeyStorePassword().toCharArray());
+ inputStream.close();
+
+ BasicCredential credentials = new BasicCredential();
+ PrivateKey key = (PrivateKey) keyStore.getKey(config.getIDPKeyAlias(),
+ config.getIDPKeyPassword().toCharArray());
+ Certificate cert = keyStore.getCertificate(config.getIDPKeyAlias());
+ credentials.setPublicKey(cert.getPublicKey());
+ credentials.setPrivateKey(key);
+ credentials.setUsageType(UsageType.SIGNING);
+ return credentials;
+ } catch(Exception e) {
+ Logger.error("Failed to generate IDP Signing credentials");
+ e.printStackTrace();
+ throw new CredentialsNotAvailableException(e.getMessage(), null);
+ }
+ }
+
+ public static Signature getIDPSignature(Credential credentials) {
+ Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+ signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ signer.setSigningCredential(credentials);
+ return signer;
+ }
+}
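Review bot: In getIDPSigningCredential, `keyStore.getKey(...)` and `keyStore.getCertificate(...)` both return null when the configured alias is absent or is not a key entry, so a misconfigured alias only surfaces as a NullPointerException at `cert.getPublicKey()`. Its `getMessage()` is null, so the catch block throws a CredentialsNotAvailableException with no message, and `null` as the second argument adds nothing. The FileInputStream is also left open whenever `keyStore.load` throws, because `close()` is reached only on the success path. I would close the stream in a `finally` and check both lookups explicitly, so that the existing catch forwards a message naming the alias (never the passwords). In the catch block, `e.printStackTrace()` writes to stderr rather than the log; if Logger has an overload taking a Throwable, and if the second constructor parameter of CredentialsNotAvailableException is the cause (neither is visible in this hunk), pass `e` to both.

```java
keyStore = KeyStore.getInstance(KeyStore.getDefaultType());

FileInputStream inputStream = new FileInputStream(
        config.getIDPKeyStoreFilename());
try {
    keyStore.load(inputStream, config.getIDPKeyStorePassword().toCharArray());
} finally {
    // release the file handle even when the keystore cannot be read
    inputStream.close();
}

String alias = config.getIDPKeyAlias();
PrivateKey key = (PrivateKey) keyStore.getKey(alias,
        config.getIDPKeyPassword().toCharArray());
Certificate cert = keyStore.getCertificate(alias);
if (key == null || cert == null) {
    // fail with a diagnosable message instead of a bare NullPointerException
    throw new IllegalStateException(
            "No private key and certificate found for IDP key alias '" + alias + "'");
}
// … unchanged: BasicCredential setup and return …
```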