17 package org.opensaml.xml.security.trust;
19 import java.security.Key;
21 import org.opensaml.xml.security.credential.Credential;
22 import org.slf4j.Logger;
23 import org.slf4j.LoggerFactory;
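/**
 * Trust evaluator that accepts an untrusted key or credential only when its key is equal to a key
 * that is already trusted.
 *
 * <p>Every overload fails closed: a missing (null) argument or a credential without a usable key
 * yields {@code false} rather than an exception, so a malformed input can never be mistaken for a
 * trusted one and cannot abort the caller's evaluation with a {@link NullPointerException}.</p>
 *
 * <p>Equality is whatever {@link Key#equals(Object)} means for the concrete key implementation in
 * use. That comparison is not guaranteed to be constant-time, which matters if secret (symmetric)
 * keys are compared and the timing of the result is observable to an attacker.</p>
 */
public class ExplicitKeyTrustEvaluator {

    /** Class logger. */
    private final Logger log = LoggerFactory.getLogger(ExplicitKeyTrustEvaluator.class);

    /**
     * Evaluates trust of an untrusted key against a single trusted key.
     *
     * @param untrustedKey the key whose trust is being evaluated
     * @param trustedKey the key to compare against
     * @return true if both keys are present and {@code untrustedKey.equals(trustedKey)}, false otherwise
     */
    public boolean validate(Key untrustedKey, Key trustedKey) {
        // Fail closed: an absent key on either side is never a match.
        if (untrustedKey == null || trustedKey == null) {
            log.debug("Untrusted or trusted key was null, unable to evaluate");
            return false;
        }
        return untrustedKey.equals(trustedKey);
    }

    /**
     * Evaluates trust of an untrusted key against a set of trusted keys.
     *
     * @param untrustedKey the key whose trust is being evaluated
     * @param trustedKeys the keys to compare against; null entries are skipped
     * @return true if the untrusted key equals at least one trusted key, false otherwise
     */
    public boolean validate(Key untrustedKey, Iterable<Key> trustedKeys) {
        if (untrustedKey == null || trustedKeys == null) {
            log.debug("Untrusted key or trusted key set was null, unable to evaluate");
            return false;
        }
        for (Key trustedKey : trustedKeys) {
            // equals(null) is false by contract, but skip explicitly so intent is obvious.
            if (trustedKey != null && untrustedKey.equals(trustedKey)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Evaluates trust of an untrusted credential against a single trusted credential.
     *
     * <p>The key type compared is selected by the untrusted credential: if it carries a public
     * key, the public keys of both credentials are compared; otherwise the secret keys are.</p>
     *
     * @param untrustedCredential the credential whose trust is being evaluated
     * @param trustedCredential the credential to compare against
     * @return true if both credentials hold a key of the selected type and those keys are equal,
     *         false otherwise
     */
    public boolean validate(Credential untrustedCredential, Credential trustedCredential) {
        // Fail closed on missing credentials instead of dereferencing null.
        if (untrustedCredential == null || trustedCredential == null) {
            log.debug("Untrusted or trusted credential was null, unable to evaluate");
            return false;
        }

        Key untrustedKey = null;
        Key trustedKey = null;
        if (untrustedCredential.getPublicKey() != null) {
            untrustedKey = untrustedCredential.getPublicKey();
            trustedKey = trustedCredential.getPublicKey();
        } else {
            untrustedKey = untrustedCredential.getSecretKey();
            trustedKey = trustedCredential.getSecretKey();
        }

        if (untrustedKey == null) {
            log.debug("Untrusted credential contained no key, unable to evaluate");
            return false;
        } else if (trustedKey == null) {
            log.debug("Trusted credential contained no key of the appropriate type, unable to evaluate");
            return false;
        }

        if (validate(untrustedKey, trustedKey)) {
            log.debug("Successfully validated untrusted credential against trusted key");
            return true;
        }

        log.debug("Failed to validate untrusted credential against trusted key");
        return false;
    }

    /**
     * Evaluates trust of an untrusted credential against a set of trusted credentials.
     *
     * @param untrustedCredential the credential whose trust is being evaluated
     * @param trustedCredentials the credentials to compare against; null entries never match
     * @return true if the untrusted credential validates against at least one trusted credential,
     *         false otherwise
     */
    public boolean validate(Credential untrustedCredential, Iterable<Credential> trustedCredentials) {
        if (untrustedCredential == null || trustedCredentials == null) {
            log.debug("Untrusted credential or trusted credential set was null, unable to evaluate");
            return false;
        }

        for (Credential trustedCredential : trustedCredentials) {
            if (validate(untrustedCredential, trustedCredential)) {
                return true;
            }
        }
        return false;
    }

}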