Example 6 with CertificateDto

Use of uk.gov.ida.hub.samlengine.domain.CertificateDto in project verify-hub by alphagov.

From class ConfigServiceKeyStoreTest, method getEncryptionKeyForEntity_shouldValidateTheKeyReturnedByConfig:

@Test
public void getEncryptionKeyForEntity_shouldValidateTheKeyReturnedByConfig() throws Exception {
    // Arrange: config returns one encryption certificate for the entity, the factory parses it,
    // and a trust store is available for whatever federation entity type the certificate has.
    final CertificateDto certOneDto = getX509Certificate(IDP_ENTITY_ID);
    when(certificatesConfigProxy.getEncryptionCertificate(issuerId)).thenReturn(certOneDto);
    when(x509CertificateFactory.createCertificate(certOneDto.getCertificate())).thenReturn(x509Certificate);
    when(trustStoreForCertificateProvider.getTrustStoreFor(any(FederationEntityType.class))).thenReturn(trustStore);
    when(certificateChainValidator.validate(x509Certificate, trustStore)).thenReturn(valid());
    // Act
    configServiceKeyStore.getEncryptionKeyForEntity(issuerId);
    // Assert: the key store must not hand out a key without first running chain validation
    // of the config-supplied certificate against the trust store.
    verify(certificateChainValidator).validate(x509Certificate, trustStore);
}
Also used : CertificateDto(uk.gov.ida.hub.samlengine.domain.CertificateDto) CertificateDtoBuilder.aCertificateDto(uk.gov.ida.hub.samlengine.builders.CertificateDtoBuilder.aCertificateDto) FederationEntityType(uk.gov.ida.hub.samlengine.domain.FederationEntityType) Test(org.junit.Test)

Example 7 with CertificateDto

Use of uk.gov.ida.hub.samlengine.domain.CertificateDto in project verify-hub by alphagov.

From class ConfigStubRule, method setupCertificatesForEntity:

public void setupCertificatesForEntity(String issuer) throws JsonProcessingException {
    CertificateDto signingCertificate = CertificateDtoBuilder.aCertificateDto().withIssuerId(issuer).withKeyUse(CertificateDto.KeyUse.Signing).build();
    CertificateDto encryptionCertificate = CertificateDtoBuilder.aCertificateDto().withIssuerId(issuer).withKeyUse(CertificateDto.KeyUse.Encryption).build();
    setupCertificatesForEntity(issuer, signingCertificate, encryptionCertificate);
}
Also used : CertificateDto(uk.gov.ida.hub.samlengine.domain.CertificateDto)

Example 8 with CertificateDto

Use of uk.gov.ida.hub.samlengine.domain.CertificateDto in project verify-hub by alphagov.

From class ConfigServiceKeyStore, method getVerifyingKeysForEntity:

public List<PublicKey> getVerifyingKeysForEntity(String entityId) {
    // Signature verification certificates come from the config service, not from the SAML message.
    Collection<CertificateDto> certificates = certificatesConfigProxy.getSignatureVerificationCertificates(entityId);
    List<PublicKey> publicKeys = new ArrayList<>();
    for (CertificateDto keyFromConfig : certificates) {
        String base64EncodedCertificateValue = keyFromConfig.getCertificate();
        final X509Certificate certificate = x509CertificateFactory.createCertificate(base64EncodedCertificateValue);
        // The trust store is selected by federation entity type (IDP or RP), so a certificate is
        // only accepted against the anchors meant for its kind of federation participant.
        KeyStore trustStore = trustStoreForCertificateProvider.getTrustStoreFor(keyFromConfig.getFederationEntityType());
        // Chain validation runs before the key is collected; there is no other branch here, so a
        // validation failure has to surface as an exception rather than a skipped entry.
        validate(certificate, trustStore);
        publicKeys.add(certificate.getPublicKey());
    }
    return publicKeys;
}
Also used : CertificateDto(uk.gov.ida.hub.samlengine.domain.CertificateDto) PublicKey(java.security.PublicKey) ArrayList(java.util.ArrayList) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate)
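The step that Example 8 delegates to validate(certificate, trustStore), and that the test in Example 6 asserts is always performed, is shown end to end in the following added example. It is not code from verify-hub: it is written in Go rather than the project's Java so that it runs stand-alone, with the trust roots and leaf certificates generated in memory by the standard library instead of loaded from files. CertificateDto, FederationEntityType, the per-entity-type store map and the issue fixture are assumed stand-ins for the hub's own types; the base64 DER encoding of the certificate field is likewise an assumption.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"fmt"
	"math/big"
	"time"
)

// FederationEntityType selects the trust store that may vouch for a certificate.
type FederationEntityType string

const (
	IdentityProvider FederationEntityType = "IDP"
	RelyingParty     FederationEntityType = "RP"
)

// CertificateDto is a hypothetical stand-in for the config service's DTO.
type CertificateDto struct {
	IssuerID    string
	Certificate string // base64 DER (assumed encoding)
	EntityType  FederationEntityType
}

// validateChain plays the role of validate(certificate, trustStore): PKIX path building
// from the leaf to an anchor in the selected store. It fails closed when no store exists,
// because a nil Roots pool would make Go fall back to the system CA set.
func validateChain(cert *x509.Certificate, roots *x509.CertPool) error {
	if roots == nil {
		return fmt.Errorf("no trust store for entity type")
	}
	_, err := cert.Verify(x509.VerifyOptions{
		Roots:     roots,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}, // SAML keys are not TLS server certs
	})
	return err
}

// verifyingKeysForEntity returns a key only for certificates that chain to the store of
// their own entity type; the first failure aborts the whole lookup, as an exception would.
func verifyingKeysForEntity(certs []CertificateDto, stores map[FederationEntityType]*x509.CertPool) ([]crypto.PublicKey, error) {
	var keys []crypto.PublicKey
	for _, dto := range certs {
		der, err := base64.StdEncoding.DecodeString(dto.Certificate)
		if err != nil {
			return nil, fmt.Errorf("%s: not base64: %w", dto.IssuerID, err)
		}
		cert, err := x509.ParseCertificate(der)
		if err != nil {
			return nil, fmt.Errorf("%s: unparseable certificate: %w", dto.IssuerID, err)
		}
		if err := validateChain(cert, stores[dto.EntityType]); err != nil {
			return nil, fmt.Errorf("%s: chain validation failed: %w", dto.IssuerID, err)
		}
		keys = append(keys, cert.PublicKey)
	}
	return keys, nil
}

// issue mints constructed in-memory test material (a fixture, not hub code);
// parent == nil yields a self-signed CA. Returns the cert, its key and its base64 DER.
func issue(cn string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, string) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  isCA,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageDigitalSignature,
	}
	if isCA {
		tmpl.KeyUsage = x509.KeyUsageCertSign
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	check(err)
	cert, err := x509.ParseCertificate(der)
	check(err)
	return cert, key, base64.StdEncoding.EncodeToString(der)
}

func check(err error) {
	if err != nil {
		panic(err)
	}
}

func main() {
	idpCA, idpKey, _ := issue("IDP trust root", true, nil, nil)
	rpCA, _, _ := issue("RP trust root", true, nil, nil)
	rogueCA, rogueKey, _ := issue("rogue root", true, nil, nil)
	stores := map[FederationEntityType]*x509.CertPool{IdentityProvider: x509.NewCertPool(), RelyingParty: x509.NewCertPool()}
	stores[IdentityProvider].AddCert(idpCA)
	stores[RelyingParty].AddCert(rpCA)
	_, _, good := issue("idp-one", false, idpCA, idpKey)
	_, _, rogue := issue("idp-one", false, rogueCA, rogueKey)
	for _, c := range []CertificateDto{
		{"idp-one", good, IdentityProvider},  // accepted: chains to the IDP store
		{"idp-one", good, RelyingParty},      // rejected: valid CA, but not this entity type's store
		{"idp-one", rogue, IdentityProvider}, // rejected: issuing CA is in no store
	} {
		keys, err := verifyingKeysForEntity([]CertificateDto{c}, stores)
		fmt.Printf("%s as %s: %d key(s), err=%v\n", c.IssuerID, c.EntityType, len(keys), err)
	}
}
```

The second scenario is the point of keeping one trust store per federation entity type: a certificate from a perfectly good IDP root is still refused when the config entry claims the entity is a relying party. The explicit nil check matters in Go specifically, since x509.VerifyOptions with Roots == nil silently uses the system pool; the Java equivalent is making sure getTrustStoreFor never returns an empty or default KeyStore for an unknown type.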

Aggregations

CertificateDto (uk.gov.ida.hub.samlengine.domain.CertificateDto) 8
Test (org.junit.Test) 5
CertificateDtoBuilder.aCertificateDto (uk.gov.ida.hub.samlengine.builders.CertificateDtoBuilder.aCertificateDto) 5
FederationEntityType (uk.gov.ida.hub.samlengine.domain.FederationEntityType) 5
KeyStore (java.security.KeyStore) 2
PublicKey (java.security.PublicKey) 2
CertPathValidatorException (java.security.cert.CertPathValidatorException) 2
X509Certificate (java.security.cert.X509Certificate) 2
CertificateChainValidationException (uk.gov.ida.common.shared.security.verification.exceptions.CertificateChainValidationException) 2
ArrayList (java.util.ArrayList) 1