package at.gv.egovernment.moa.id.protocols.pvp2x.verification;

import java.util.ArrayList;
import java.util.List;

import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.security.MetadataCredentialResolver;
import org.opensaml.xml.security.credential.CredentialResolver;
import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver;
import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xml.security.keyinfo.KeyInfoProvider;
import org.opensaml.xml.security.keyinfo.provider.DSAKeyValueProvider;
import org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider;
import org.opensaml.xml.security.keyinfo.provider.RSAKeyValueProvider;
import org.opensaml.xml.signature.SignatureTrustEngine;
import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;
import org.opensaml.xml.signature.impl.PKIXSignatureTrustEngine;

import sun.security.krb5.Credentials;

import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
import edu.internet2.middleware.shibboleth.common.security.MetadataPKIXValidationInformationResolver;

public class TrustEngineFactory {

	public static SignatureTrustEngine getSignatureTrustEngine() {
		try {
			MetadataPKIXValidationInformationResolver mdResolver = new MetadataPKIXValidationInformationResolver(
					MOAMetadataProvider.getInstance());

			List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>();
			keyInfoProvider.add(new DSAKeyValueProvider());
			keyInfoProvider.add(new RSAKeyValueProvider());
			keyInfoProvider.add(new InlineX509DataProvider());

			KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
					keyInfoProvider);

			PKIXSignatureTrustEngine engine = new PKIXSignatureTrustEngine(
					mdResolver, keyInfoResolver);

			return engine;

		} catch (Exception e) {
			e.printStackTrace();
			return null;
		}
	}

	public static SignatureTrustEngine getSignatureKnownKeysTrustEngine() {
		MetadataCredentialResolver resolver;

		resolver = new MetadataCredentialResolver(
				MOAMetadataProvider.getInstance());

		List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>();
		keyInfoProvider.add(new DSAKeyValueProvider());
		keyInfoProvider.add(new RSAKeyValueProvider());
		keyInfoProvider.add(new InlineX509DataProvider());

		KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
				keyInfoProvider);

		ExplicitKeySignatureTrustEngine engine = new ExplicitKeySignatureTrustEngine(
				resolver, keyInfoResolver);

		return engine;

	}

}