com.sun.identity.federation.key

Class KeyUtil

java.lang.Object

com.sun.identity.federation.key.KeyUtil

public class KeyUtil
extends Object

The KeyUtil provides methods to obtain the hosting entity's signing key and decryption key, and to obtain a partner entity's signature verification key and encryption related information

Field Summary

Fields

Modifier and Type	Field and Description
static Hashtable	encHash
protected static Hashtable	sigHash

Method Summary

Modifier and Type	Method and Description
static X509Certificate	getCert(com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorType kd) Returns certificate stored in KeyDescriptorType.
static X509Certificate	getCert(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor, String usage) Returns certificate stored in KeyDescriptorType in ProviderDescriptorType.
static PrivateKey	getDecryptionKey(com.sun.identity.federation.jaxb.entityconfig.BaseConfigType baseConfig) Returns the host entity's decryption key.
static EncInfo	getEncInfo(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor, String entityID, boolean isIDP) Returns the encryption information which will be used in encrypting messages intended for the partner entity.
static com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorType	getKeyDescriptor(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor, String usage) Returns KeyDescriptorType from ProviderDescriptorType.
static KeyProvider	getKeyProviderInstance() Returns the instance of KeyProvider.
static String	getSigningCertAlias(com.sun.identity.federation.jaxb.entityconfig.BaseConfigType baseConfig) Returns the host entity's signing certificate alias.
static X509Certificate	getVerificationCert(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor, String entityID, boolean isIDP) Returns the partner entity's signature verification certificate.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

encHash

public static Hashtable encHash

sigHash

protected static Hashtable sigHash

Method Detail

getKeyProviderInstance

public static KeyProvider getKeyProviderInstance()

Returns the instance of KeyProvider.

Returns:

KeyProvider

getSigningCertAlias

public static String getSigningCertAlias(com.sun.identity.federation.jaxb.entityconfig.BaseConfigType baseConfig)

Returns the host entity's signing certificate alias.

Parameters:

baseConfig - BaseConfigType for the host entity

Returns:

String for host entity's signing certificate alias

getDecryptionKey

public static PrivateKey getDecryptionKey(com.sun.identity.federation.jaxb.entityconfig.BaseConfigType baseConfig)

Returns the host entity's decryption key.

Parameters:

baseConfig - BaseConfigType for the host entity

Returns:

PrivateKey for decrypting a message received by the host entity

getVerificationCert

public static X509Certificate getVerificationCert(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor,
                                                  String entityID,
                                                  boolean isIDP)

Returns the partner entity's signature verification certificate.

Parameters:

providerDescriptor - ProviderDescriptorType for the partner entity

entityID - partner entity's ID

isIDP - whether partner entity's role is IDP or SP

Returns:

X509Certificate for verifying the partner entity's signature

getEncInfo

public static EncInfo getEncInfo(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor,
                                 String entityID,
                                 boolean isIDP)

Returns the encryption information which will be used in encrypting messages intended for the partner entity.

Parameters:

providerDescriptor - ProviderDescriptorType for the partner entity

entityID - partner entity's ID

isIDP - whether partner entity's role is IDP or SP

Returns:

EncInfo which includes partner entity's public key for wrapping the secret key, data encryption algorithm, and data encryption strength

getKeyDescriptor

public static com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorType getKeyDescriptor(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor,
                                                                                       String usage)

Returns KeyDescriptorType from ProviderDescriptorType.

Parameters:

providerDescriptor - ProviderDescriptorType which contains KeyDescriptors.

usage - type of the KeyDescriptorType to be retrieved. Its value is "encryption" or "signing".

Returns:

KeyDescriptorType in ProviderDescriptorType that matched the usage type.

getCert

public static X509Certificate getCert(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor,
                                      String usage)

Returns certificate stored in KeyDescriptorType in ProviderDescriptorType.

Parameters:

providerDescriptor - ProviderDescriptorType which contains KeyDescriptors.

usage - type of the KeyDescriptorType to be retrieved. Its value is "encryption" or "signing".

Returns:

X509Certificate contained in KeyDescriptorType; or null if no certificate is included.

getCert

public static X509Certificate getCert(com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorType kd)

Returns certificate stored in KeyDescriptorType.

Parameters:

kd - KeyDescriptorType which contains certificate info

Returns:

X509Certificate contained in KeyDescriptorType; or null if no certificate is included.