KeyUtil.java revision 272ac8a1a482b3baeff7293aac5de828cfd1ee69
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * The contents of this file are subject to the terms
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * of the Common Development and Distribution License
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * (the License). You may not use this file except in
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * compliance with the License.
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * You can obtain a copy of the License at
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * See the License for the specific language governing
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * permission and limitations under the License.
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * When distributing Covered Code, include this CDDL
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * Header Notice in each file and include the License file
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * If applicable, add the following below the CDDL Header,
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * with the fields enclosed by brackets [] replaced by
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * your own identifying information:
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * $Id: KeyUtil.java,v 1.5 2009/06/08 23:41:03 madan_ranganath Exp $
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * Portions Copyrighted 2013-2014 ForgeRock AS
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Fosterimport org.apache.xml.security.encryption.XMLCipher;
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Fosterimport com.sun.identity.common.SystemConfigurationUtil;
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Fosterimport com.sun.identity.federation.common.FSUtils;
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Fosterimport com.sun.identity.federation.common.IFSConstants;
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Fosterimport com.sun.identity.federation.jaxb.entityconfig.BaseConfigType;
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Fosterimport com.sun.identity.federation.meta.IDFFMetaUtils;
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Fosterimport com.sun.identity.liberty.ws.common.jaxb.xmlsig.KeyInfoType;
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Fosterimport com.sun.identity.liberty.ws.common.jaxb.xmlsig.X509DataElement;
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Fosterimport com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType;
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Fosterimport com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorType;
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Fosterimport com.sun.identity.saml.common.SAMLConstants;
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Fosterimport com.sun.identity.saml.xmlsig.KeyProvider;
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * The <code>KeyUtil</code> provides methods to obtain
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * the hosting entity's signing key and decryption key, and
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * to obtain a partner entity's signature verification key
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * and encryption-related information.
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Fosterpublic class KeyUtil {
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster // key is EntityID|Role
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster // value is EncInfo
 // NOTE(review): this cache is public, static and non-final, so any code that can
 // see KeyUtil can replace the table or overwrite an entry. The raw Hashtable also
 // gives no compile-time check that keys are "EntityID|Role" strings and values are
 // EncInfo. Presumably this is where a partner's encryption info is looked up, so
 // its contents are only as trustworthy as every writer of the field; confirm the
 // writers and consider narrowing visibility.
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster public static Hashtable encHash = new Hashtable();
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster // key is EntityID|Role
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster // value is X509Certificate
 // NOTE(review): protected, static and non-final, so subclasses and same-package
 // code can replace or mutate the cached certificates. Per the class description
 // these look like partner signature-verification certificates, so a swapped entry
 // would change which key a signature is checked against; confirm who writes here.
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster protected static Hashtable sigHash = new Hashtable();
 // The key provider implementation is selected by configuration: the class name is
 // read from the SAMLConstants.JKS_KEY_PROVIDER property, loaded with Class.forName
 // and instantiated through its no-argument constructor, then cast to KeyProvider.
 // NOTE(review): whoever can set that property decides which class handles key
 // material, so confirm it is writable only by administrators. The log messages
 // that follow suggest a failed lookup or instantiation is logged rather than
 // rethrown, which would leave kp null; callers need to check for that.
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster kp = (KeyProvider)Class.forName(SystemConfigurationUtil.getProperty(
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster SAMLConstants.JKS_KEY_PROVIDER)).newInstance();
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster "KeyUtil static block:" +
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster " Couldn't find the class.",
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster "KeyUtil static block:" +
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster " Couldn't instantiate the key provider instance.",
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster "KeyUtil static block:" +
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster " Couldn't access the default constructor.",
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * Returns the instance of <code>KeyProvider</code>.
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * @return <code>KeyProvider</code>
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster public static KeyProvider getKeyProviderInstance() {
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * Returns the host entity's signing certificate alias.
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * @param baseConfig <code>BaseConfigType</code> for the host entity
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * @return <code>String</code> for host entity's signing
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster * certificate alias
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster public static String getSigningCertAlias(BaseConfigType baseConfig) {
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster Map map = IDFFMetaUtils.getAttributes(baseConfig);
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster List list = (List)map.get(IFSConstants.SIGNING_CERT_ALIAS);
2d0a88b18a041738cfe635b45bd1db56af469c91Allan Foster if ((alias != null) && (alias.length() != 0) && (kp != null)) {
return alias;
return null;
return decryptionKey;
boolean isIDP) {
return cert;
return null;
return null;
return null;
return cert;
return encInfo;
return null;
return null;
return null;
return encInfo;
return null;
return kd;
return noUsageKD;
return null;
return null;
byte[] bt =
getValue();
return null;
return null;
return retCert;