private static void removeKeyDescriptor(RoleDescriptorType desp, boolean isSigningUse) {
   List keys = desp.getKeyDescriptor();
   for (Iterator iter = keys.iterator(); iter.hasNext(); ) {
     KeyDescriptorElement key = (KeyDescriptorElement) iter.next();
     String keyUse = "encryption";
     if (isSigningUse) {
       keyUse = "signing";
     }
     if ((key.getUse() != null) && key.getUse().equalsIgnoreCase(keyUse)) {
       iter.remove();
     }
   }
 }
 private static void updateKeyDescriptor(RoleDescriptorType desp, KeyDescriptorElement newKey) {
   // NOTE : we only support one signing and one encryption key right now
   // the code need to be change if we need to support multiple signing
   // and/or encryption keys in one entity
   List keys = desp.getKeyDescriptor();
   for (Iterator iter = keys.iterator(); iter.hasNext(); ) {
     KeyDescriptorElement key = (KeyDescriptorElement) iter.next();
     if ((key.getUse() != null) && key.getUse().equalsIgnoreCase(newKey.getUse())) {
       iter.remove();
     }
   }
   desp.getKeyDescriptor().add(newKey);
 }