signkeydataholder.java

开源的OpenId的一个java实现

package org.wso2.solutions.identity.sts.saml;

import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;

import javax.crypto.SecretKey;

import org.apache.xml.security.signature.XMLSignature;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.credential.CredentialContextSet;
import org.opensaml.xml.security.credential.UsageType;
import org.opensaml.xml.security.x509.X509Credential;
import org.wso2.solutions.identity.IdentityProviderException;
import org.wso2.solutions.identity.sts.KeyUtil;
import org.wso2.utils.ServerConfiguration;

public class SignKeyDataHolder implements X509Credential {

    private String signatureAlgorithm = null;

    private static SignKeyDataHolder instance = null;

    private X509Certificate[] issuerCerts = null;

    private PrivateKey issuerPK = null;

    public static SignKeyDataHolder getInstance()
            throws IdentityProviderException {
        if (instance == null) {
            instance = new SignKeyDataHolder();
        }
        return instance;
    }

    private SignKeyDataHolder() throws IdentityProviderException {
        //do once - because this is a expensive operation

        String keyAlias = ServerConfiguration.getInstance().getFirstProperty(
                "Security.KeyStore.KeyAlias");
        issuerPK = (PrivateKey) KeyUtil.getPrivateKey(keyAlias);

        issuerCerts = KeyUtil.getServiceCertificateChain(keyAlias);

        signatureAlgorithm = XMLSignature.ALGO_ID_SIGNATURE_RSA;

        String pubKeyAlgo = issuerCerts[0].getPublicKey().getAlgorithm();
        if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
            signatureAlgorithm = XMLSignature.ALGO_ID_SIGNATURE_DSA;
        }

    }

    public String getSignatureAlgorithm() {
        return signatureAlgorithm;
    }

    public void setSignatureAlgorithm(String signatureAlgorithm) {
        this.signatureAlgorithm = signatureAlgorithm;
    }

    public Collection<X509CRL> getCRLs() {
        return null;
    }

    public X509Certificate getEntityCertificate() {
        return issuerCerts[0];
    }

    public Collection<X509Certificate> getEntityCertificateChain() {
        return Arrays.asList(issuerCerts);
    }

    public CredentialContextSet getCredentalContextSet() {
        // TODO Auto-generated method stub
        return null;
    }

    public Class<? extends Credential> getCredentialType() {
        // TODO Auto-generated method stub
        return null;
    }

    public String getEntityId() {
        // TODO Auto-generated method stub
        return null;
    }

    public Collection<String> getKeyNames() {
        // TODO Auto-generated method stub
        return null;
    }

    public PrivateKey getPrivateKey() {
        return issuerPK;
    }

    public PublicKey getPublicKey() {
        return issuerCerts[0].getPublicKey();
    }

    public SecretKey getSecretKey() {
        // TODO Auto-generated method stub
        return null;
    }

    public UsageType getUsageType() {
        // TODO Auto-generated method stub
        return null;
    }

}