17 package org.opensaml.xml.security.x509;
18
19 import java.security.PublicKey;
20 import java.security.cert.X509CRL;
21 import java.security.cert.X509Certificate;
22 import java.util.ArrayList;
23 import java.util.Collection;
24 import java.util.HashSet;
25
26 import javax.crypto.SecretKey;
27
28 import org.opensaml.xml.security.credential.BasicCredential;
29 import org.opensaml.xml.security.credential.Credential;
30
31
32
33
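/**
 * An {@link X509Credential} that stores an entity certificate, an optional certificate chain and
 * an optional set of CRLs in plain fields.
 *
 * <p>The public key is tied to the entity certificate: while a certificate is set,
 * {@link #setPublicKey(PublicKey)} only accepts that certificate's key. Symmetric keys are not
 * supported by this credential type.</p>
 *
 * <p>NOTE(review): no locking is visible in this class, and the CRL collection and the stored
 * chain are handed out without copying. Callers that use this credential as trust material should
 * treat the returned collections as read-only.</p>
 */
public class BasicX509Credential extends BasicCredential implements X509Credential {

    /** The end-entity certificate, or null if none has been set. */
    private X509Certificate entityCert;

    /** The certificate chain as supplied by the caller, or null if none has been set. */
    private Collection<X509Certificate> entityCertChain;

    /** The CRLs associated with this credential, or null if none have been set. */
    private Collection<X509CRL> crls;

    /**
     * Gets the credential type.
     *
     * @return always {@code X509Credential.class}
     */
    public Class<? extends Credential> getCredentialType() {
        return X509Credential.class;
    }

    /**
     * Gets the CRLs held by this credential.
     *
     * @return the collection passed to {@link #setCRLs(Collection)}, not a copy; null if none set
     */
    public Collection<X509CRL> getCRLs() {
        return crls;
    }

    /**
     * Sets the CRLs held by this credential.
     *
     * <p>The reference is stored as given, so later changes the caller makes to the collection are
     * visible through {@link #getCRLs()}. This differs from
     * {@link #setEntityCertificateChain(Collection)}, which copies its argument.</p>
     *
     * @param newCRLs the CRLs to associate with this credential, may be null
     */
    public void setCRLs(Collection<X509CRL> newCRLs) {
        // NOTE(review): aliasing is kept on purpose here; switching to a defensive copy would
        // silently drop CRLs that a caller adds to its collection after this call.
        crls = newCRLs;
    }

    /**
     * Gets the end-entity certificate.
     *
     * @return the entity certificate, or null if none set
     */
    public X509Certificate getEntityCertificate() {
        return entityCert;
    }

    /**
     * Sets the end-entity certificate and synchronises the credential's public key with it.
     *
     * <p>A non-null certificate replaces the public key with the certificate's key; a null
     * certificate clears the public key.</p>
     *
     * @param cert the new entity certificate, may be null
     */
    public void setEntityCertificate(X509Certificate cert) {
        // Assign the field first: setPublicKey() checks the key against entityCert, so the new
        // certificate must already be in place for the check to pass.
        entityCert = cert;
        if (cert != null) {
            setPublicKey(cert.getPublicKey());
        } else {
            setPublicKey(null);
        }
    }

    /**
     * Gets the certificate chain.
     *
     * <p>If no chain has been set but an entity certificate has, a new set containing only the
     * entity certificate is returned. Otherwise the stored chain is returned as is (not a copy).</p>
     *
     * @return the certificate chain, or null if neither a chain nor an entity certificate is set
     */
    public Collection<X509Certificate> getEntityCertificateChain() {
        if (entityCertChain == null && entityCert != null) {
            HashSet<X509Certificate> constructedChain = new HashSet<X509Certificate>(5);
            constructedChain.add(entityCert);
            return constructedChain;
        }

        return entityCertChain;
    }

    /**
     * Sets the certificate chain, storing a copy of the supplied collection.
     *
     * <p>Passing null clears the chain, after which {@link #getEntityCertificateChain()} falls
     * back to the entity certificate alone. This method does not check that the chain contains
     * the entity certificate or that its elements are non-null; callers that rely on that
     * relationship must verify it themselves.</p>
     *
     * @param certs the certificates of the chain, or null to clear the stored chain
     */
    public void setEntityCertificateChain(Collection<X509Certificate> certs) {
        if (certs == null) {
            // Null is a valid field state (the getter handles it); without this guard the copy
            // constructor below would throw a bare NullPointerException.
            entityCertChain = null;
            return;
        }
        entityCertChain = new ArrayList<X509Certificate>(certs);
    }

    /**
     * Sets the public key, refusing any key that does not match the entity certificate.
     *
     * <p>While an entity certificate is set, a null key is rejected as well, because it does not
     * equal the certificate's key.</p>
     *
     * @param key the public key to set
     * @throws IllegalArgumentException if an entity certificate is set and its public key does not
     *             equal {@code key}
     */
    public void setPublicKey(PublicKey key) {
        if (entityCert != null) {
            if (! entityCert.getPublicKey().equals(key)) {
                throw new IllegalArgumentException("X509Credential already contains a certificate "
                        + "with a different public key");
            }
        }
        super.setPublicKey(key);
    }

    /**
     * Rejects any attempt to set a symmetric key on this credential.
     *
     * @param key must be null; a null argument is accepted and ignored
     * @throws UnsupportedOperationException if {@code key} is not null
     */
    public void setSecretKey(SecretKey key) {
        if (key != null) {
            throw new UnsupportedOperationException("Secret (symmetric) key may not be set "
                    + "on an X509Credential instance");
        }
    }

    /**
     * Gets the symmetric key, which this credential type never holds.
     *
     * @return always null
     */
    public SecretKey getSecretKey() {
        return null;
    }

}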