18 package edu.internet2.middleware.shibboleth.common.config.security;
19
20 import java.security.PrivateKey;
21 import java.security.PublicKey;
22
23 import javax.crypto.SecretKey;
24
25 import org.opensaml.xml.security.SecurityException;
26 import org.opensaml.xml.security.SecurityHelper;
27 import org.opensaml.xml.security.credential.BasicCredential;
28 import org.slf4j.Logger;
29 import org.slf4j.LoggerFactory;
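/**
 * Spring factory bean that produces an OpenSAML {@link BasicCredential} from an explicitly
 * configured secret key, private key and/or public key.
 *
 * <p>Usage type, entity ID and key names are taken from the superclass accessors. If only a
 * private key is configured, the public key is derived from it via
 * {@link SecurityHelper#derivePublicKey(PrivateKey)}. When both halves of a key pair are present
 * they are checked for consistency, and the bean fails closed: a credential whose keys do not
 * match, or whose match cannot be verified, is rejected with a {@link SecurityException} rather
 * than being handed to the container.
 */
public class BasicCredentialFactoryBean extends AbstractCredentialFactoryBean {

    /** Class logger. */
    private static final Logger log = LoggerFactory.getLogger(BasicCredentialFactoryBean.class);

    /** Symmetric key to place in the credential; may be null. */
    private SecretKey secretKey;

    /** Private key to place in the credential; may be null. */
    private PrivateKey privateKey;

    /** Public key to place in the credential; may be null, in which case it is derived from the private key if one is set. */
    private PublicKey publicKey;

    /**
     * Builds the credential from the configured keys.
     *
     * @return a populated {@link BasicCredential}
     * @throws SecurityException if a public and a private key are both present but do not form a
     *             matching pair, or if that check could not be carried out
     * @throws Exception propagated from the superclass accessors or from public key derivation
     */
    @Override
    protected Object createInstance() throws Exception {
        BasicCredential credential = new BasicCredential();

        credential.setUsageType(getUsageType());
        credential.setEntityId(getEntityID());
        if (getKeyNames() != null) {
            credential.getKeyNames().addAll(getKeyNames());
        }

        credential.setSecretKey(secretKey);
        credential.setPrivateKey(privateKey);
        if (publicKey != null) {
            credential.setPublicKey(publicKey);
        } else if (privateKey != null) {
            // No explicit public key: derive it from the private key so the pair is complete.
            credential.setPublicKey(SecurityHelper.derivePublicKey(privateKey));
        }

        verifyKeyPair(credential);

        return credential;
    }

    /**
     * Sanity-checks that the credential's public and private keys belong together.
     *
     * <p>The check is fail-closed: if {@link SecurityHelper#matchKeyPair} itself fails, the
     * credential is treated as mismatched and rejected, with the underlying failure kept as the
     * cause of the thrown exception so the reason is visible to operators.
     *
     * @param credential credential whose keys are checked; nothing is done unless both keys are set
     * @throws SecurityException if the keys do not match or the check could not be performed
     */
    private void verifyKeyPair(BasicCredential credential) throws SecurityException {
        if (credential.getPublicKey() == null || credential.getPrivateKey() == null) {
            return;
        }

        boolean matched = false;
        SecurityException checkFailure = null;
        try {
            matched = SecurityHelper.matchKeyPair(credential.getPublicKey(), credential.getPrivateKey());
        } catch (SecurityException e) {
            // Log the full exception, not just its message: the message alone rarely explains
            // why a key pair comparison failed.
            log.warn("Could not perform sanity check against credential public and private key", e);
            checkFailure = e;
        }

        if (!matched) {
            log.error("Mismatch detected between credential's public and private key");
            if (checkFailure != null) {
                throw new SecurityException("Mismatch between credential public and private key", checkFailure);
            }
            throw new SecurityException("Mismatch between credential public and private key");
        }
    }

    /**
     * {@inheritDoc}
     *
     * @return {@code BasicCredential.class}
     */
    @Override
    public Class<?> getObjectType() {
        return BasicCredential.class;
    }

    /**
     * Gets the configured private key.
     *
     * @return the private key, or null if none was configured
     */
    public PrivateKey getPrivateKey() {
        return privateKey;
    }

    /**
     * Gets the configured public key.
     *
     * @return the public key, or null if none was configured
     */
    public PublicKey getPublicKey() {
        return publicKey;
    }

    /**
     * Gets the configured secret key.
     *
     * @return the secret key, or null if none was configured
     */
    public SecretKey getSecretKey() {
        return secretKey;
    }

    /**
     * Sets the private key to place in the created credential.
     *
     * @param key the private key, may be null
     */
    public void setPrivateKey(PrivateKey key) {
        privateKey = key;
    }

    /**
     * Sets the public key to place in the created credential.
     *
     * @param key the public key, may be null
     */
    public void setPublicKey(PublicKey key) {
        publicKey = key;
    }

    /**
     * Sets the secret key to place in the created credential.
     *
     * @param key the secret key, may be null
     */
    public void setSecretKey(SecretKey key) {
        secretKey = key;
    }

}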