Getting credentials in OpenSAML
For all cryptographic functions OpenSAML requires a
Credential which is a basically a cryptographic key wrapped in an object. The
Credential can contain either an symmetric key or an asymmetric key not both. The
Credential can be created manually with
BasicCredential classes and then populated with the setters. But the preferred way is to use one of the many
CredentialResolvers to create the credential for you.
I will now show some examples of how creating credentials using the basic classes and two different resolvers.
The Basic classes has methods like
By setting this you can manually create credentials
1BasicCredential credential = new BasicCredential(); 2credential.setPublicKey(myJCEPublicKey); 3credential.setPrivateKey(myJCEPrivateKey); 4credential.setUsageType(UsageType.SIGNING);
And now you have a credential to use with signing.
1KeyStore keystore; 2keystore = KeyStore.getInstance(KeyStore.getDefaultType()); 3FileInputStream inputStream = new FileInputStream("/path/to/my/JKS"); 4keystore.load(inputStream, "MyKeystorePassword".toCharArray()); 5inputStream.close(); 6 7Map<String, String> passwordMap = new HashMap<String, String>(); 8passwordMap.put("MyEntryID"), "MyEntryPassword"); 9KeyStoreCredentialResolver resolver = new KeyStoreCredentialResolver(keystore, passwordMap); 10 11Criteria criteria = new EntityIDCriteria("MyEntryID"); 12CriteriaSet criteriaSet = new CriteriaSet(criteria); 13 14X509Credential credential = (X509Credential)resolver.resolveSingle(criteriaSet);