Java Code Examples for org.opensaml.xml.security.credential.BasicCredential#setPrivateKey()

/**
 * Decrypt an assertion using the privkey stored in SPConfig.
 */
private Assertion decrypt(EncryptedAssertion encrypted)
    throws DecryptionException
{
    if (spConfig.getPrivateKey() == null)
        throw new DecryptionException("Encrypted assertion found but no SP key available");
    BasicCredential cred = new BasicCredential();
    cred.setPrivateKey(spConfig.getPrivateKey());
    StaticKeyInfoCredentialResolver resolver =
        new StaticKeyInfoCredentialResolver(cred);
    Decrypter decrypter =
        new Decrypter(null, resolver, new InlineEncryptedKeyResolver());
    decrypter.setRootInNewDocument(true);

    return decrypter.decrypt(encrypted);
}
 

/**
 * Get a simple, minimal credential containing a public key, and optionally a private key.
 * 
 * @param publicKey the public key to wrap
 * @param privateKey the private key to wrap, which may be null
 * @return a credential containing the key(s) specified
 */
public static BasicCredential getSimpleCredential(PublicKey publicKey, PrivateKey privateKey) {
    if (publicKey == null) {
        throw new IllegalArgumentException("A public key is required");
    }
    BasicCredential cred = new BasicCredential();
    cred.setPublicKey(publicKey);
    cred.setPrivateKey(privateKey);
    return cred;
}
 

/**
 * Generate a random asymmetric key pair and return in a BasicCredential.
 * 
 * @param algorithmURI The XML Encryption algorithm URI
 * @param keyLength key length
 * @param includePrivate if true, the private key will be included as well
 * @return a basic credential containing a randomly generated asymmetric key pair
 * @throws NoSuchAlgorithmException algorithm not found
 * @throws NoSuchProviderException provider not found
 */
public static Credential generateKeyPairAndCredential(String algorithmURI, int keyLength, boolean includePrivate) 
        throws NoSuchAlgorithmException, NoSuchProviderException {
    KeyPair keyPair = generateKeyPairFromURI(algorithmURI, keyLength);
    BasicCredential credential = new BasicCredential();
    credential.setPublicKey(keyPair.getPublic());
    if (includePrivate) {
        credential.setPrivateKey(keyPair.getPrivate());
    }
    return credential;
}
 

/**
 * Construct a basic credential containing the specified key and set of key names.
 * 
 * @param key the key to include in the credential
 * @param keyNames the key names to include in the credential
 * @return a basic credential with the specified key and key names
 * @throws SecurityException if there is an error building the credential
 */
protected Credential buildBasicCredential(Key key, Set<String> keyNames) throws SecurityException {
    if (key == null) {
        log.debug("Key supplied was null, could not build credential");
        return null;
    }

    BasicCredential basicCred = new BasicCredential();

    basicCred.getKeyNames().addAll(keyNames);

    if (key instanceof PublicKey) {
        basicCred.setPublicKey((PublicKey) key);
    } else if (key instanceof SecretKey) {
        basicCred.setSecretKey((SecretKey) key);
    } else if (key instanceof PrivateKey) {
        // This would be unusual for most KeyInfo use cases,
        // but go ahead and try and handle it
        PrivateKey privateKey = (PrivateKey) key;
        try {
            PublicKey publicKey = SecurityHelper.derivePublicKey(privateKey);
            if (publicKey != null) {
                basicCred.setPublicKey(publicKey);
                basicCred.setPrivateKey(privateKey);
            } else {
                log.error("Failed to derive public key from private key");
                return null;
            }
        } catch (KeyException e) {
            log.error("Could not derive public key from private key", e);
            return null;
        }
    } else {
        log.error(String.format("Key was of an unsupported type '%s'", key.getClass().getName()));
        return null;
    }

    return basicCred;
}