/*
* Copyright (c) 2012, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*
*/
package org.wso2.carbon.identity.sso.agent.saml;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.core.util.KeyStoreManager;
import org.wso2.carbon.identity.sso.agent.SSOAgentException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
public class SSOAgentCarbonX509Credential implements SSOAgentX509Credential {
private PublicKey publicKey = null;
private PrivateKey privateKey = null;
private X509Certificate entityCertificate = null;
public SSOAgentCarbonX509Credential(int tenantId, String tenantDomain)
throws SSOAgentException {
readCarbonX509Credentials(tenantId, tenantDomain);
}
@Override
public PublicKey getPublicKey() {
return publicKey;
}
@Override
public PrivateKey getPrivateKey() {
return privateKey;
}
@Override
public X509Certificate getEntityCertificate() {
return entityCertificate;
}
protected void readCarbonX509Credentials(int tenantId, String tenantDomain) throws SSOAgentException {
KeyStoreManager tenantKSM = KeyStoreManager.getInstance(tenantId);
if (!tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
// derive key store name
String ksName = tenantDomain.trim().replace(".", "-");
// derive JKS name
String jksName = ksName + ".jks";
KeyStore keyStore = null;
try {
keyStore = tenantKSM.getKeyStore(jksName);
} catch (Exception e) {
throw new SSOAgentException("Error occurred while retrieving " +
"key store of tenant " + tenantDomain, e);
}
try {
entityCertificate = (X509Certificate) keyStore.getCertificate(tenantDomain);
} catch (KeyStoreException e) {
throw new SSOAgentException("Error occurred while retrieving " +
"public certificate with alias " + tenantDomain +
" of tenant " + tenantDomain, e);
}
privateKey = (PrivateKey) tenantKSM.getPrivateKey(jksName, tenantDomain);
} else {
try {
entityCertificate = tenantKSM.getDefaultPrimaryCertificate();
} catch (Exception e) {
throw new SSOAgentException("Error retrieving default primary certificate of " +
MultitenantConstants.SUPER_TENANT_DOMAIN_NAME, e);
}
try {
privateKey = tenantKSM.getDefaultPrivateKey();
} catch (Exception e) {
throw new SSOAgentException("Error retrieving default private key of " +
MultitenantConstants.SUPER_TENANT_DOMAIN_NAME, e);
}
}
publicKey = entityCertificate.getPublicKey();
}
}