
Example 1 with X509CertificateFactory

use of uk.gov.ida.common.shared.security.X509CertificateFactory in project verify-hub by alphagov.

Found in class SamlProxyModule, method configure.

/**
 * Declares the Guice bindings for the saml-proxy service.
 *
 * <p>Three binding shapes are used: {@code to(...)} aliases an interface to an
 * implementation class, {@code toInstance(...)} shares one pre-built object across the
 * injector, and a bare {@code bind(X.class)} registers {@code X} without choosing an
 * implementation (Guice then constructs it itself). Only the HTTP {@code Client} and the
 * {@code KeyStore} are explicitly scoped as singletons.
 */
@Override
protected void configure() {
    // SamlProxyConfiguration backs both configuration interfaces.
    bind(TrustStoreConfiguration.class).to(SamlProxyConfiguration.class);
    bind(RestfulClientConfiguration.class).to(SamlProxyConfiguration.class);
    // Public keys are read from files via this input-stream factory.
    bind(PublicKeyInputStreamFactory.class).toInstance(new PublicKeyFileInputStreamFactory());
    bind(SigningKeyStore.class).to(AuthnRequestKeyStore.class);
    // One shared JAX-RS client for the whole application.
    bind(Client.class).toProvider(DefaultClientProvider.class).in(Scopes.SINGLETON);
    bind(EventSinkProxy.class).to(EventSinkHttpProxy.class);
    // A single java.security.KeyStore instance, built once by KeyStoreProvider.
    bind(KeyStore.class).toProvider(KeyStoreProvider.class).in(Scopes.SINGLETON);
    // Eager so that key-store loading problems surface at start-up rather than on first use.
    bind(ConfigServiceKeyStore.class).asEagerSingleton();
    bind(KeyStoreLoader.class).toInstance(new KeyStoreLoader());
    bind(ResponseMaxSizeValidator.class);
    // Presumably drops expired certificates from consumed metadata — confirm in the filter itself.
    bind(ExpiredCertificateMetadataFilter.class).toInstance(new ExpiredCertificateMetadataFilter());
    // Certificate parsing and chain validation share one factory instance.
    bind(X509CertificateFactory.class).toInstance(new X509CertificateFactory());
    bind(CertificateChainValidator.class);
    bind(CertificatesConfigProxy.class);
    bind(TrustStoreForCertificateProvider.class);
    bind(StringSizeValidator.class).toInstance(new StringSizeValidator());
    bind(JsonResponseProcessor.class);
    // One ObjectMapper with default settings, shared by every injection point.
    bind(ObjectMapper.class).toInstance(new ObjectMapper());
    bind(PKIXParametersProvider.class).toInstance(new PKIXParametersProvider());
    bind(RelayStateValidator.class).toInstance(new RelayStateValidator());
    bind(ProtectiveMonitoringLogFormatter.class).toInstance(new ProtectiveMonitoringLogFormatter());
    bind(KeyStoreCache.class);
    bind(EventSinkMessageSender.class);
    bind(ExceptionAuditor.class);
    bind(ProtectiveMonitoringLogger.class);
    bind(SessionProxy.class);
    // Generic types need a TypeLiteral so the type argument survives erasure;
    // each exception mapper gets its own LevelLoggerFactory instance.
    bind(new TypeLiteral<LevelLoggerFactory<SamlProxySamlTransformationErrorExceptionMapper>>() {
    }).toInstance(new LevelLoggerFactory<>());
    bind(new TypeLiteral<LevelLoggerFactory<NoKeyConfiguredForEntityExceptionMapper>>() {
    }).toInstance(new LevelLoggerFactory<>());
    bind(new TypeLiteral<LevelLoggerFactory<SamlProxyApplicationExceptionMapper>>() {
    }).toInstance(new LevelLoggerFactory<>());
    bind(new TypeLiteral<LevelLoggerFactory<SamlProxyExceptionMapper>>() {
    }).toInstance(new LevelLoggerFactory<>());
    bind(SamlMessageSenderHandler.class);
    bind(ExternalCommunicationEventLogger.class);
    bind(IpAddressResolver.class).toInstance(new IpAddressResolver());
}
Also used : RestfulClientConfiguration(uk.gov.ida.restclient.RestfulClientConfiguration) TrustStoreConfiguration(uk.gov.ida.truststore.TrustStoreConfiguration) ClientTrustStoreConfiguration(uk.gov.ida.truststore.ClientTrustStoreConfiguration) SamlProxyExceptionMapper(uk.gov.ida.hub.samlproxy.exceptions.SamlProxyExceptionMapper) KeyStoreProvider(uk.gov.ida.truststore.KeyStoreProvider) KeyStoreLoader(uk.gov.ida.truststore.KeyStoreLoader) ExpiredCertificateMetadataFilter(uk.gov.ida.saml.metadata.ExpiredCertificateMetadataFilter) DefaultClientProvider(uk.gov.ida.jerseyclient.DefaultClientProvider) PublicKeyInputStreamFactory(uk.gov.ida.common.shared.security.PublicKeyInputStreamFactory) PKIXParametersProvider(uk.gov.ida.common.shared.security.verification.PKIXParametersProvider) StringSizeValidator(uk.gov.ida.saml.hub.validators.StringSizeValidator) NoKeyConfiguredForEntityExceptionMapper(uk.gov.ida.hub.samlproxy.exceptions.NoKeyConfiguredForEntityExceptionMapper) IpAddressResolver(uk.gov.ida.shared.utils.IpAddressResolver) X509CertificateFactory(uk.gov.ida.common.shared.security.X509CertificateFactory) RelayStateValidator(uk.gov.ida.saml.core.security.RelayStateValidator) ProtectiveMonitoringLogFormatter(uk.gov.ida.hub.samlproxy.logging.ProtectiveMonitoringLogFormatter) PublicKeyFileInputStreamFactory(uk.gov.ida.common.shared.security.PublicKeyFileInputStreamFactory) TypeLiteral(com.google.inject.TypeLiteral) SamlProxyApplicationExceptionMapper(uk.gov.ida.hub.samlproxy.exceptions.SamlProxyApplicationExceptionMapper) HubSigningKeyStore(uk.gov.ida.hub.samlproxy.security.HubSigningKeyStore) SigningKeyStore(uk.gov.ida.saml.security.SigningKeyStore) EventSinkProxy(uk.gov.ida.eventsink.EventSinkProxy) ConfigServiceKeyStore(uk.gov.ida.hub.samlproxy.config.ConfigServiceKeyStore) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) SamlProxySamlTransformationErrorExceptionMapper(uk.gov.ida.hub.samlproxy.exceptions.SamlProxySamlTransformationErrorExceptionMapper)

Example 2 with X509CertificateFactory

use of uk.gov.ida.common.shared.security.X509CertificateFactory in project verify-hub by alphagov.

Found in class MatchingServiceHealthCheckIntegrationTests, method getKeyStore.

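/**
 * Builds the hub {@link IdaKeyStore} test fixture from the {@code HUB_TEST_*} constants.
 *
 * <p>The signing key pair is passed on its own; the encryption key pair is wrapped in a
 * list because {@code IdaKeyStore} takes a collection of encryption pairs. The constants
 * are assumed to be {@code String}s holding a PEM certificate and a Base64-encoded private
 * key respectively, and to be test-only material.
 *
 * @return a key store holding one signing pair and one encryption pair
 * @throws Base64DecodingException kept from the original signature for callers; note that
 *     {@code java.util.Base64} itself reports malformed input with
 *     {@link IllegalArgumentException}
 */
private IdaKeyStore getKeyStore() throws Base64DecodingException {
    PublicKeyFactory publicKeyFactory = new PublicKeyFactory(new X509CertificateFactory());
    PrivateKeyFactory privateKeyFactory = new PrivateKeyFactory();

    // Decoder.decode(String) reads the text as ISO-8859-1, so the decoded bytes no longer
    // depend on the JVM's default charset the way String.getBytes() did.
    PublicKey encryptionPublicKey = publicKeyFactory.createPublicKey(HUB_TEST_PUBLIC_ENCRYPTION_CERT);
    PrivateKey encryptionPrivateKey = privateKeyFactory.createPrivateKey(
            Base64.getDecoder().decode(HUB_TEST_PRIVATE_ENCRYPTION_KEY));
    KeyPair encryptionKeyPair = new KeyPair(encryptionPublicKey, encryptionPrivateKey);

    PublicKey signingPublicKey = publicKeyFactory.createPublicKey(HUB_TEST_PUBLIC_SIGNING_CERT);
    PrivateKey signingPrivateKey = privateKeyFactory.createPrivateKey(
            Base64.getDecoder().decode(HUB_TEST_PRIVATE_SIGNING_KEY));
    KeyPair signingKeyPair = new KeyPair(signingPublicKey, signingPrivateKey);

    // Mutable list kept on purpose: the receiving constructor's handling of the list is not
    // visible here, so an immutable List.of(...) is not assumed safe.
    List<KeyPair> encryptionKeyPairs = new ArrayList<>();
    encryptionKeyPairs.add(encryptionKeyPair);
    return new IdaKeyStore(signingKeyPair, encryptionKeyPairs);
}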
Also used : X509CertificateFactory(uk.gov.ida.common.shared.security.X509CertificateFactory) KeyPair(java.security.KeyPair) PrivateKey(java.security.PrivateKey) PrivateKeyFactory(uk.gov.ida.common.shared.security.PrivateKeyFactory) PublicKey(java.security.PublicKey) ArrayList(java.util.ArrayList) PublicKeyFactory(uk.gov.ida.common.shared.security.PublicKeyFactory) IdaKeyStore(uk.gov.ida.saml.security.IdaKeyStore)

Example 3 with X509CertificateFactory

use of uk.gov.ida.common.shared.security.X509CertificateFactory in project verify-hub by alphagov.

Found in class SamlMessageSenderApiResourceTest, method getKeyStore.

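/**
 * Builds the hub {@link IdaKeyStore} test fixture from the {@code HUB_TEST_*} constants.
 *
 * <p>The signing key pair is passed on its own; the encryption key pair is wrapped in a
 * list because {@code IdaKeyStore} takes a collection of encryption pairs. The constants
 * are assumed to be {@code String}s holding a PEM certificate and a Base64-encoded private
 * key respectively, and to be test-only material.
 *
 * @return a key store holding one signing pair and one encryption pair
 * @throws Base64DecodingException kept from the original signature for callers; note that
 *     {@code java.util.Base64} itself reports malformed input with
 *     {@link IllegalArgumentException}
 */
private static IdaKeyStore getKeyStore() throws Base64DecodingException {
    PublicKeyFactory publicKeyFactory = new PublicKeyFactory(new X509CertificateFactory());
    PrivateKeyFactory privateKeyFactory = new PrivateKeyFactory();

    // Decoder.decode(String) reads the text as ISO-8859-1, so the decoded bytes no longer
    // depend on the JVM's default charset the way String.getBytes() did.
    PublicKey encryptionPublicKey = publicKeyFactory.createPublicKey(HUB_TEST_PUBLIC_ENCRYPTION_CERT);
    PrivateKey encryptionPrivateKey = privateKeyFactory.createPrivateKey(
            Base64.getDecoder().decode(HUB_TEST_PRIVATE_ENCRYPTION_KEY));
    KeyPair encryptionKeyPair = new KeyPair(encryptionPublicKey, encryptionPrivateKey);

    PublicKey signingPublicKey = publicKeyFactory.createPublicKey(HUB_TEST_PUBLIC_SIGNING_CERT);
    PrivateKey signingPrivateKey = privateKeyFactory.createPrivateKey(
            Base64.getDecoder().decode(HUB_TEST_PRIVATE_SIGNING_KEY));
    KeyPair signingKeyPair = new KeyPair(signingPublicKey, signingPrivateKey);

    // Mutable list kept on purpose: the receiving constructor's handling of the list is not
    // visible here, so an immutable List.of(...) is not assumed safe.
    List<KeyPair> encryptionKeyPairs = new ArrayList<>();
    encryptionKeyPairs.add(encryptionKeyPair);
    return new IdaKeyStore(signingKeyPair, encryptionKeyPairs);
}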
Also used : X509CertificateFactory(uk.gov.ida.common.shared.security.X509CertificateFactory) KeyPair(java.security.KeyPair) PrivateKey(java.security.PrivateKey) PrivateKeyFactory(uk.gov.ida.common.shared.security.PrivateKeyFactory) PublicKey(java.security.PublicKey) ArrayList(java.util.ArrayList) PublicKeyFactory(uk.gov.ida.common.shared.security.PublicKeyFactory) IdaKeyStore(uk.gov.ida.saml.security.IdaKeyStore)

Example 4 with X509CertificateFactory

use of uk.gov.ida.common.shared.security.X509CertificateFactory in project verify-hub by alphagov.

Found in class CryptoModule, method configure.

/**
 * Declares the Guice bindings for the saml-engine cryptography components.
 *
 * <p>{@code SigningKeyStore} is bound twice under different {@code @Named} qualifiers, so
 * every injection point must say which key store it wants. Bare {@code bind(X.class)}
 * calls register the class without choosing an implementation; {@code toInstance(...)}
 * shares a single pre-built object across the injector.
 */
@Override
protected void configure() {
    bind(EncryptionKeyStore.class).to(HubEncryptionKeyStore.class).asEagerSingleton();
    // Two signing key stores, distinguished only by the @Named qualifier at the injection point.
    bind(SigningKeyStore.class).annotatedWith(Names.named("authnRequestKeyStore")).to(AuthnRequestKeyStore.class).asEagerSingleton();
    bind(SigningKeyStore.class).annotatedWith(Names.named("samlResponseFromMatchingServiceKeyStore")).to(SamlResponseFromMatchingServiceKeyStore.class).asEagerSingleton();
    // Certificate parsing and PKIX chain validation share one factory and one parameter provider.
    bind(X509CertificateFactory.class).toInstance(new X509CertificateFactory());
    bind(CertificateChainValidator.class);
    bind(PKIXParametersProvider.class).toInstance(new PKIXParametersProvider());
    bind(CertificatesConfigProxy.class);
    bind(TrustStoreForCertificateProvider.class);
    bind(EncryptionCredentialFactory.class);
    bind(KeyStoreCache.class);
    bind(KeyStoreLoader.class).toInstance(new KeyStoreLoader());
    bind(SignatureFactory.class);
    bind(IdaKeyStoreCredentialRetriever.class);
    bind(SamlResponseAssertionEncrypter.class);
    bind(AssertionBlobEncrypter.class);
    bind(EncrypterFactory.class).toInstance(new EncrypterFactory());
    // NOTE(review): RSA-SHA1 is the XML signature algorithm for everything that injects
    // SignatureAlgorithm here. SHA-1 signatures are deprecated by current guidance, and
    // OpenSAML ships SignatureRSASHA256 as the stronger descriptor; confirm which
    // algorithms the relying parties accept before changing it.
    bind(SignatureAlgorithm.class).toInstance(new SignatureRSASHA1());
    // The digest already uses SHA-256, so only the signature algorithm lags behind.
    bind(DigestAlgorithm.class).toInstance(new DigestSHA256());
}
Also used : X509CertificateFactory(uk.gov.ida.common.shared.security.X509CertificateFactory) DigestSHA256(org.opensaml.xmlsec.algorithm.descriptors.DigestSHA256) AuthnRequestKeyStore(uk.gov.ida.hub.samlengine.security.AuthnRequestKeyStore) SignatureRSASHA1(org.opensaml.xmlsec.algorithm.descriptors.SignatureRSASHA1) KeyStoreLoader(uk.gov.ida.truststore.KeyStoreLoader) EncrypterFactory(uk.gov.ida.saml.security.EncrypterFactory) SignatureAlgorithm(org.opensaml.xmlsec.algorithm.SignatureAlgorithm) SigningKeyStore(uk.gov.ida.saml.security.SigningKeyStore) PKIXParametersProvider(uk.gov.ida.common.shared.security.verification.PKIXParametersProvider) SamlResponseFromMatchingServiceKeyStore(uk.gov.ida.hub.samlengine.security.SamlResponseFromMatchingServiceKeyStore) HubEncryptionKeyStore(uk.gov.ida.hub.samlengine.security.HubEncryptionKeyStore) DigestAlgorithm(org.opensaml.xmlsec.algorithm.DigestAlgorithm)

Example 5 with X509CertificateFactory

use of uk.gov.ida.common.shared.security.X509CertificateFactory in project verify-hub by alphagov.

Found in class ConfigModule, method configure.

/**
 * Declares the Guice bindings for the config service.
 *
 * <p>Generic types ({@code ConfigurationFactoryFactory}, {@code ConfigDataSource},
 * {@code ConfigEntityDataRepository}) are bound through anonymous {@code TypeLiteral}
 * subclasses so the entity type argument survives erasure; there is one binding per
 * config entity type. Components marked {@code asEagerSingleton()} are built at injector
 * creation, so configuration-loading failures surface at start-up.
 */
@Override
protected void configure() {
    bind(ConfigHealthCheck.class).asEagerSingleton();
    bind(ConfigDataBootstrap.class).asEagerSingleton();
    // The @CertificateConfigValidator-qualified validator is the logging variant.
    bind(CertificateChainConfigValidator.class).annotatedWith(CertificateConfigValidator.class).to(LoggingCertificateChainConfigValidator.class);
    bind(TrustStoreConfiguration.class).to(ConfigConfiguration.class);
    // One DefaultConfigurationFactoryFactory instance per config entity type.
    bind(new TypeLiteral<ConfigurationFactoryFactory<IdentityProviderConfigEntityData>>() {
    }).toInstance(new DefaultConfigurationFactoryFactory<IdentityProviderConfigEntityData>());
    bind(new TypeLiteral<ConfigurationFactoryFactory<TransactionConfigEntityData>>() {
    }).toInstance(new DefaultConfigurationFactoryFactory<TransactionConfigEntityData>());
    bind(new TypeLiteral<ConfigurationFactoryFactory<MatchingServiceConfigEntityData>>() {
    }).toInstance(new DefaultConfigurationFactoryFactory<MatchingServiceConfigEntityData>());
    bind(new TypeLiteral<ConfigurationFactoryFactory<CountriesConfigEntityData>>() {
    }).toInstance(new DefaultConfigurationFactoryFactory<CountriesConfigEntityData>());
    // Each entity type's data source is the file-backed implementation, loaded eagerly.
    bind(new TypeLiteral<ConfigDataSource<TransactionConfigEntityData>>() {
    }).to(FileBackedTransactionConfigDataSource.class).asEagerSingleton();
    bind(new TypeLiteral<ConfigDataSource<MatchingServiceConfigEntityData>>() {
    }).to(FileBackedMatchingServiceConfigDataSource.class).asEagerSingleton();
    bind(new TypeLiteral<ConfigDataSource<IdentityProviderConfigEntityData>>() {
    }).to(FileBackedIdentityProviderConfigDataSource.class).asEagerSingleton();
    bind(new TypeLiteral<ConfigDataSource<CountriesConfigEntityData>>() {
    }).to(FileBackedCountriesConfigDataSource.class).asEagerSingleton();
    // Repositories are bound to themselves (no target), only scoped as eager singletons.
    bind(new TypeLiteral<ConfigEntityDataRepository<TransactionConfigEntityData>>() {
    }).asEagerSingleton();
    bind(new TypeLiteral<ConfigEntityDataRepository<CountriesConfigEntityData>>() {
    }).asEagerSingleton();
    bind(new TypeLiteral<ConfigEntityDataRepository<MatchingServiceConfigEntityData>>() {
    }).asEagerSingleton();
    bind(new TypeLiteral<ConfigEntityDataRepository<IdentityProviderConfigEntityData>>() {
    }).asEagerSingleton();
    // Shared ObjectMapper with Guava type support registered (needed for Guava collections/Optional in config data).
    bind(ObjectMapper.class).toInstance(new ObjectMapper().registerModule(new GuavaModule()));
    bind(LevelsOfAssuranceConfigValidator.class).toInstance(new LevelsOfAssuranceConfigValidator());
    // Certificate chain validation: plain PKIX plus an OCSP-checking variant, each with its own
    // PKIXParameters provider. Which one a caller gets depends on the type it injects.
    bind(CertificateChainValidator.class);
    bind(TrustStoreForCertificateProvider.class);
    bind(X509CertificateFactory.class).toInstance(new X509CertificateFactory());
    bind(KeyStoreCache.class);
    bind(ExceptionFactory.class);
    bind(OCSPCertificateChainValidityChecker.class);
    bind(EntityConfigDataToCertificateDtoTransformer.class);
    bind(OCSPCertificateChainValidator.class);
    bind(IdpPredicateFactory.class);
    bind(KeyStoreLoader.class).toInstance(new KeyStoreLoader());
    bind(OCSPPKIXParametersProvider.class).toInstance(new OCSPPKIXParametersProvider());
    bind(PKIXParametersProvider.class).toInstance(new PKIXParametersProvider());
    bind(CertificateService.class);
}
Also used : TrustStoreConfiguration(uk.gov.ida.truststore.TrustStoreConfiguration) KeyStoreLoader(uk.gov.ida.truststore.KeyStoreLoader) FileBackedIdentityProviderConfigDataSource(uk.gov.ida.hub.config.data.FileBackedIdentityProviderConfigDataSource) TypeLiteral(com.google.inject.TypeLiteral) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) LevelsOfAssuranceConfigValidator(uk.gov.ida.hub.config.data.LevelsOfAssuranceConfigValidator) MatchingServiceConfigEntityData(uk.gov.ida.hub.config.domain.MatchingServiceConfigEntityData) FileBackedCountriesConfigDataSource(uk.gov.ida.hub.config.data.FileBackedCountriesConfigDataSource) OCSPPKIXParametersProvider(uk.gov.ida.common.shared.security.verification.OCSPPKIXParametersProvider) CountriesConfigEntityData(uk.gov.ida.hub.config.domain.CountriesConfigEntityData) IdentityProviderConfigEntityData(uk.gov.ida.hub.config.domain.IdentityProviderConfigEntityData) TransactionConfigEntityData(uk.gov.ida.hub.config.domain.TransactionConfigEntityData) OCSPPKIXParametersProvider(uk.gov.ida.common.shared.security.verification.OCSPPKIXParametersProvider) PKIXParametersProvider(uk.gov.ida.common.shared.security.verification.PKIXParametersProvider) GuavaModule(com.fasterxml.jackson.datatype.guava.GuavaModule) X509CertificateFactory(uk.gov.ida.common.shared.security.X509CertificateFactory) CertificateConfigValidator(uk.gov.ida.hub.config.annotations.CertificateConfigValidator) FileBackedTransactionConfigDataSource(uk.gov.ida.hub.config.data.FileBackedTransactionConfigDataSource) FileBackedMatchingServiceConfigDataSource(uk.gov.ida.hub.config.data.FileBackedMatchingServiceConfigDataSource) ConfigDataBootstrap(uk.gov.ida.hub.config.data.ConfigDataBootstrap) FileBackedCountriesConfigDataSource(uk.gov.ida.hub.config.data.FileBackedCountriesConfigDataSource) FileBackedMatchingServiceConfigDataSource(uk.gov.ida.hub.config.data.FileBackedMatchingServiceConfigDataSource) ConfigDataSource(uk.gov.ida.hub.config.data.ConfigDataSource) 
FileBackedTransactionConfigDataSource(uk.gov.ida.hub.config.data.FileBackedTransactionConfigDataSource) FileBackedIdentityProviderConfigDataSource(uk.gov.ida.hub.config.data.FileBackedIdentityProviderConfigDataSource) ConfigHealthCheck(uk.gov.ida.hub.config.healthcheck.ConfigHealthCheck)

Aggregations

X509CertificateFactory (uk.gov.ida.common.shared.security.X509CertificateFactory)7 PKIXParametersProvider (uk.gov.ida.common.shared.security.verification.PKIXParametersProvider)4 KeyStoreLoader (uk.gov.ida.truststore.KeyStoreLoader)4 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)3 TypeLiteral (com.google.inject.TypeLiteral)3 PrivateKeyFactory (uk.gov.ida.common.shared.security.PrivateKeyFactory)3 TrustStoreConfiguration (uk.gov.ida.truststore.TrustStoreConfiguration)3 KeyPair (java.security.KeyPair)2 PrivateKey (java.security.PrivateKey)2 PublicKey (java.security.PublicKey)2 ArrayList (java.util.ArrayList)2 PublicKeyFactory (uk.gov.ida.common.shared.security.PublicKeyFactory)2 PublicKeyFileInputStreamFactory (uk.gov.ida.common.shared.security.PublicKeyFileInputStreamFactory)2 PublicKeyInputStreamFactory (uk.gov.ida.common.shared.security.PublicKeyInputStreamFactory)2 EventSinkProxy (uk.gov.ida.eventsink.EventSinkProxy)2 GuavaModule (com.fasterxml.jackson.datatype.guava.GuavaModule)1 UrlConfigurationSourceProvider (io.dropwizard.configuration.UrlConfigurationSourceProvider)1 URI (java.net.URI)1 Test (org.junit.Test)1 Response (org.opensaml.saml.saml2.core.Response)1