issrg.saml.util
Class SamlPKCHandler

java.lang.Object
  extended by issrg.security.DefaultVerifier
      extended by issrg.saml.util.SamlPKCHandler
All Implemented Interfaces:
Verifier

public class SamlPKCHandler
extends DefaultVerifier

Author:
ls97

Constructor Summary
SamlPKCHandler()
          Creates a new instance of SamlPKCHandler
 
Method Summary
 PKCRepository getPKCRepository()
          Gets the repository that will be used to retrieve the user's signature verification Public Key Certificates.
 java.security.cert.X509Certificate[] getRootCAs()
          This method returns the array of PKCs of multiple roots of trust.
 java.security.cert.X509Certificate[] getSigningPKCs(java.security.Principal signer)
          This method is used to get a set of valid signer's PKCs from the PKC repositories.
 void setPKCRepository(PKCRepository repository)
          Sets the repository that will be used to retrieve the user's signature verification Public Key Certificates.
 void setRootCAs(java.security.cert.X509Certificate[] pkcs)
          This method sets multiple roots of trust by providing their X.509 PKCs.
 boolean signingPKCValidation(java.security.cert.X509Certificate x509)
          This method is used to validate a signing PKC and a PKC chain.
 
Methods inherited from class issrg.security.DefaultVerifier
getVerificationCertificates, setRootCA, setRootCA, setRootCAs, verify, verifyByRoot
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SamlPKCHandler

public SamlPKCHandler()
               throws SecurityException
Creates a new instance of SamlPKCHandler

Throws:
SecurityException
Method Detail

setRootCAs

public void setRootCAs(java.security.cert.X509Certificate[] pkcs)
This method sets multiple roots of trust by providing their X.509 PKCs.

Overrides:
setRootCAs in class DefaultVerifier
Parameters:
pkcs - the Public Key Certificates of the CAs

setPKCRepository

public void setPKCRepository(PKCRepository repository)
Sets the repository that will be used to retrieve the user's signature verification Public Key Certificates.

Overrides:
setPKCRepository in class DefaultVerifier
Parameters:
repository - the PKCRepository that can return the PKCs for a given principal

getRootCAs

public java.security.cert.X509Certificate[] getRootCAs()
This method returns the array of PKCs of multiple roots of trust.

Specified by:
getRootCAs in interface Verifier
Overrides:
getRootCAs in class DefaultVerifier
Returns:
array of X509Certificate, which can be empty or null if no roots of trust have been specified

getPKCRepository

public PKCRepository getPKCRepository()
Gets the repository that will be used to retrieve the user's signature verification Public Key Certificates.

Specified by:
getPKCRepository in interface Verifier
Overrides:
getPKCRepository in class DefaultVerifier

signingPKCValidation

public boolean signingPKCValidation(java.security.cert.X509Certificate x509)
                             throws SecurityException
This method is used to validate a signing PKC and a PKC chain.

Parameters:
x509 - the given X.509 certificate, which is used to sign ACs or assertions.
Throws:
SecurityException

getSigningPKCs

public java.security.cert.X509Certificate[] getSigningPKCs(java.security.Principal signer)
This method is used to get a set of valid signer's PKCs from the PKC repositories.

Parameters:
signer - the signer, identified by a Principal object.