/******************************************************************************* * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x.verification; import java.util.ArrayList; import java.util.List; import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.opensaml.security.MetadataCredentialResolver; import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver; import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver; import org.opensaml.xml.security.keyinfo.KeyInfoProvider; import org.opensaml.xml.security.keyinfo.provider.DSAKeyValueProvider; import org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider; import org.opensaml.xml.security.keyinfo.provider.RSAKeyValueProvider; import org.opensaml.xml.signature.SignatureTrustEngine; import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine; //import org.opensaml.xml.signature.impl.PKIXSignatureTrustEngine; //import edu.internet2.middleware.shibboleth.common.security.MetadataPKIXValidationInformationResolver; public class TrustEngineFactory { // public static SignatureTrustEngine getSignatureTrustEngine() { // try { // MetadataPKIXValidationInformationResolver mdResolver = new MetadataPKIXValidationInformationResolver( // MOAMetadataProvider.getInstance()); // // List keyInfoProvider = new ArrayList(); // keyInfoProvider.add(new DSAKeyValueProvider()); // keyInfoProvider.add(new RSAKeyValueProvider()); // keyInfoProvider.add(new InlineX509DataProvider()); // // KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver( // keyInfoProvider); // // PKIXSignatureTrustEngine engine = new PKIXSignatureTrustEngine( // mdResolver, keyInfoResolver); // // return engine; // // } catch (Exception e) { // e.printStackTrace(); // return null; // } // } public static SignatureTrustEngine getSignatureKnownKeysTrustEngine(MetadataProvider provider) { MetadataCredentialResolver resolver; resolver = new MetadataCredentialResolver(provider); List keyInfoProvider = new ArrayList(); keyInfoProvider.add(new DSAKeyValueProvider()); keyInfoProvider.add(new RSAKeyValueProvider()); keyInfoProvider.add(new InlineX509DataProvider()); KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver( keyInfoProvider); ExplicitKeySignatureTrustEngine engine = new ExplicitKeySignatureTrustEngine( resolver, keyInfoResolver); return engine; } }