17 package edu.internet2.middleware.shibboleth.common.config.security;
18
19 import java.security.PrivateKey;
20 import java.security.PublicKey;
21
22 import javax.crypto.SecretKey;
23
24 import org.opensaml.xml.security.SecurityException;
25 import org.opensaml.xml.security.SecurityHelper;
26 import org.opensaml.xml.security.credential.BasicCredential;
27 import org.slf4j.Logger;
28 import org.slf4j.LoggerFactory;
29
30
31
32
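/**
 * Spring factory bean that assembles a {@link BasicCredential} from an optionally
 * configured secret key, private key and public key.
 *
 * <p>Usage type, entity ID and key names come from the superclass configuration.
 * When a private key is supplied without a public key, the public key is derived
 * from it via {@link SecurityHelper#derivePublicKey(PrivateKey)}. Whenever both a
 * public and a private key end up on the credential, they are checked against each
 * other and the bean refuses to produce a credential whose halves do not match, or
 * whose consistency cannot be verified (fail closed).</p>
 *
 * <p>NOTE(review): nothing here requires that at least one key be configured; a
 * credential with no key material at all is returned as-is. Confirm that is intended
 * by the callers of this bean.</p>
 */
public class BasicCredentialFactoryBean extends AbstractCredentialFactoryBean {

    /** Class logger. */
    private final Logger log = LoggerFactory.getLogger(BasicCredentialFactoryBean.class);

    /** Symmetric key to place on the credential, may be null. */
    private SecretKey secretKey;

    /** Private (asymmetric) key to place on the credential, may be null. */
    private PrivateKey privateKey;

    /** Public key to place on the credential; derived from the private key when null. */
    private PublicKey publicKey;

    /**
     * Builds the credential from the configured key material.
     *
     * @return a new {@link BasicCredential} carrying the configured keys
     * @throws SecurityException if the public and private keys do not belong to the same
     *             key pair, or if that consistency check could not be carried out
     * @throws Exception propagated from key derivation or the superclass configuration
     */
    protected Object createInstance() throws Exception {
        BasicCredential credential = new BasicCredential();

        credential.setUsageType(getUsageType());
        credential.setEntityId(getEntityID());

        if (getKeyNames() != null) {
            credential.getKeyNames().addAll(getKeyNames());
        }

        credential.setSecretKey(secretKey);
        credential.setPrivateKey(privateKey);

        // An explicitly configured public key wins; otherwise reconstruct it from the
        // private key so the credential always exposes both halves of a configured pair.
        if (publicKey != null) {
            credential.setPublicKey(publicKey);
        } else if (privateKey != null) {
            credential.setPublicKey(SecurityHelper.derivePublicKey(privateKey));
        }

        verifyKeyPair(credential);

        return credential;
    }

    /**
     * Sanity-checks that a credential's public and private keys form a matching pair.
     * Does nothing when either half is absent.
     *
     * @param credential the credential whose keys are checked
     * @throws SecurityException if the keys do not match, or if the check itself failed;
     *             in the latter case the underlying exception is kept as the cause
     */
    private void verifyKeyPair(BasicCredential credential) throws SecurityException {
        PublicKey pub = credential.getPublicKey();
        PrivateKey priv = credential.getPrivateKey();
        if (pub == null || priv == null) {
            return;
        }

        boolean matched;
        try {
            matched = SecurityHelper.matchKeyPair(pub, priv);
        } catch (SecurityException e) {
            // Fail closed: an unverifiable pair is rejected just like a mismatched one,
            // but the cause is preserved so the operator can see why the check failed.
            log.warn("Could not perform sanity check against credential public and private key: {}",
                    e.getMessage());
            throw new SecurityException("Could not verify that credential public and private key match", e);
        }

        if (!matched) {
            log.error("Mismatch detected between credential's public and private key");
            throw new SecurityException("Mismatch between credential public and private key");
        }
    }

    /**
     * Reports the type of object this factory produces.
     *
     * @return {@code BasicCredential.class}
     */
    public Class<?> getObjectType() {
        return BasicCredential.class;
    }

    /**
     * Gets the configured private key.
     *
     * @return the private key, or null if none was set
     */
    public PrivateKey getPrivateKey() {
        return privateKey;
    }

    /**
     * Gets the configured public key.
     *
     * @return the public key, or null if none was set (derivation happens only in
     *         {@link #createInstance()}, not here)
     */
    public PublicKey getPublicKey() {
        return publicKey;
    }

    /**
     * Gets the configured secret key.
     *
     * @return the secret key, or null if none was set
     */
    public SecretKey getSecretKey() {
        return secretKey;
    }

    /**
     * Sets the private key to place on the credential.
     *
     * @param key the private key, may be null
     */
    public void setPrivateKey(PrivateKey key) {
        privateKey = key;
    }

    /**
     * Sets the public key to place on the credential.
     *
     * @param key the public key, may be null (it is then derived from the private key)
     */
    public void setPublicKey(PublicKey key) {
        publicKey = key;
    }

    /**
     * Sets the secret key to place on the credential.
     *
     * @param key the secret key, may be null
     */
    public void setSecretKey(SecretKey key) {
        secretKey = key;
    }

}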