Class KeyUtil


  • public class KeyUtil
    extends Object
    The KeyUtil provides methods to obtain the hosting entity's signing key and decryption key, and to obtain a partner entity's signature verification key and encryption-related information.
    • Method Summary

      Modifier and Type Method Description
      static X509Certificate getCert(com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorType kd)
      Returns certificate stored in KeyDescriptorType.
      static X509Certificate getCert(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor, String usage)
      Returns certificate stored in KeyDescriptorType in ProviderDescriptorType.
      static PrivateKey getDecryptionKey(com.sun.identity.federation.jaxb.entityconfig.BaseConfigType baseConfig)
      Returns the host entity's decryption key.
      static EncInfo getEncInfo(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor, String entityID, boolean isIDP)
      Returns the encryption information which will be used in encrypting messages intended for the partner entity.
      static com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorType getKeyDescriptor(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor, String usage)
      Returns KeyDescriptorType from ProviderDescriptorType.
      static KeyProvider getKeyProviderInstance()
      Returns the instance of KeyProvider.
      static String getSigningCertAlias(com.sun.identity.federation.jaxb.entityconfig.BaseConfigType baseConfig)
      Returns the host entity's signing certificate alias.
      static X509Certificate getVerificationCert(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor, String entityID, boolean isIDP)
      Returns the partner entity's signature verification certificate.
    • Method Detail

      • getKeyProviderInstance

        public static KeyProvider getKeyProviderInstance()
        Returns the instance of KeyProvider.
        Returns:
        KeyProvider
      • getSigningCertAlias

        public static String getSigningCertAlias(com.sun.identity.federation.jaxb.entityconfig.BaseConfigType baseConfig)
        Returns the host entity's signing certificate alias.
        Parameters:
        baseConfig - BaseConfigType for the host entity
        Returns:
        String for host entity's signing certificate alias
      • getDecryptionKey

        public static PrivateKey getDecryptionKey(com.sun.identity.federation.jaxb.entityconfig.BaseConfigType baseConfig)
        Returns the host entity's decryption key.
        Parameters:
        baseConfig - BaseConfigType for the host entity
        Returns:
        PrivateKey for decrypting a message received by the host entity
      • getVerificationCert

        public static X509Certificate getVerificationCert(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor,
                                                          String entityID,
                                                          boolean isIDP)
        Returns the partner entity's signature verification certificate.
        Parameters:
        providerDescriptor - ProviderDescriptorType for the partner entity
        entityID - partner entity's ID
        isIDP - whether partner entity's role is IDP or SP
        Returns:
        X509Certificate for verifying the partner entity's signature
      • getEncInfo

        public static EncInfo getEncInfo(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor,
                                         String entityID,
                                         boolean isIDP)
        Returns the encryption information which will be used in encrypting messages intended for the partner entity.
        Parameters:
        providerDescriptor - ProviderDescriptorType for the partner entity
        entityID - partner entity's ID
        isIDP - whether partner entity's role is IDP or SP
        Returns:
        EncInfo which includes partner entity's public key for wrapping the secret key, data encryption algorithm, and data encryption strength
      • getKeyDescriptor

        public static com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorType getKeyDescriptor(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor,
                                                                                               String usage)
        Returns KeyDescriptorType from ProviderDescriptorType.
        Parameters:
        providerDescriptor - ProviderDescriptorType which contains KeyDescriptors.
        usage - type of the KeyDescriptorType to be retrieved. Its value is "encryption" or "signing".
        Returns:
        KeyDescriptorType in ProviderDescriptorType that matched the usage type.
      • getCert

        public static X509Certificate getCert(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType providerDescriptor,
                                              String usage)
        Returns certificate stored in KeyDescriptorType in ProviderDescriptorType.
        Parameters:
        providerDescriptor - ProviderDescriptorType which contains KeyDescriptors.
        usage - type of the KeyDescriptorType to be retrieved. Its value is "encryption" or "signing".
        Returns:
        X509Certificate contained in KeyDescriptorType; or null if no certificate is included.
      • getCert

        public static X509Certificate getCert(com.sun.identity.liberty.ws.meta.jaxb.KeyDescriptorType kd)
        Returns certificate stored in KeyDescriptorType.
        Parameters:
        kd - KeyDescriptorType which contains certificate info
        Returns:
        X509Certificate contained in KeyDescriptorType; or null if no certificate is included.