issrg.saml.util
Class SamlPKCHandler

java.lang.Object
  issrg.security.DefaultVerifier
      issrg.saml.util.SamlPKCHandler

All Implemented Interfaces:

Verifier

public class SamlPKCHandler
extends DefaultVerifier

Author:

ls97

Constructor Summary

SamlPKCHandler()
Creates a new instance of SamlPKCHandler

Method Summary

PKCRepository	getPKCRepository() gets the repository that will be used to retrieve user's signature verification Public Key Certificates.
java.security.cert.X509Certificate[]	getRootCAs() This method returns the array of PKCs of multiple roots of trust.
java.security.cert.X509Certificate[]	getSigningPKCs(java.security.Principal signer) this method is used to get a set of valid signer's PKCs from the PKC repositories.
void	setPKCRepository(PKCRepository repository) Sets the repository that will be used to retrieve user's signature verification Public Key Certificates.
void	setRootCAs(java.security.cert.X509Certificate[] pkcs) This method sets multiple roots of trust by providing their X.509 PKCs.
boolean	signingPKCValidation(java.security.cert.X509Certificate x509) this method is used to validate a signing PKC and a PKC chain.

Methods inherited from class issrg.security.DefaultVerifier

getVerificationCertificates, setRootCA, setRootCA, setRootCAs, verify, verifyByRoot

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SamlPKCHandler

public SamlPKCHandler()
               throws SecurityException

Creates a new instance of SamlPKCHandler

Throws:

SecurityException

Method Detail

setRootCAs

public void setRootCAs(java.security.cert.X509Certificate[] pkcs)

This method sets multiple roots of trust by providing their X.509 PKCs.

Overrides:

setRootCAs in class DefaultVerifier

Parameters:

pkcs - - the Public Key Certificates of the CAs

setPKCRepository

public void setPKCRepository(PKCRepository repository)

Sets the repository that will be used to retrieve user's signature verification Public Key Certificates.

Overrides:

setPKCRepository in class DefaultVerifier

Parameters:

repository - - the PKCRepository that can return the PKCs for a given principal

getRootCAs

public java.security.cert.X509Certificate[] getRootCAs()

This method returns the array of PKCs of multiple roots of trust.

Specified by:

getRootCAs in interface Verifier

Overrides:

getRootCAs in class DefaultVerifier

Returns:

array of X509Certificate, which can be empty or null, if no roots of trust have been specified

getPKCRepository

public PKCRepository getPKCRepository()

gets the repository that will be used to retrieve user's signature verification Public Key Certificates.

Specified by:

getPKCRepository in interface Verifier

Overrides:

getPKCRepository in class DefaultVerifier

signingPKCValidation

public boolean signingPKCValidation(java.security.cert.X509Certificate x509)
                             throws SecurityException

this method is used to validate a signing PKC and a PKC chain.

Parameters:

x509 - is the given X509 certificate, which is used to sign ACs or assertions.

Throws:

SecurityException

getSigningPKCs

public java.security.cert.X509Certificate[] getSigningPKCs(java.security.Principal signer)

this method is used to get a set of valid signer's PKCs from the PKC repositories.

Parameters:

signer - is identified by a Pricipal object.