/**
 * Builds a demo information card and writes the result of {@code getInfoCard} to the file named
 * by the first command-line argument.
 *
 * <p>The card is created for the certificate stored under alias {@code "mykey"} in the "Marion"
 * demo key store. A {@code KeyStoreSigner} backed by the example.com demo key store is handed to
 * {@code getInfoCard}. All key material and the signer password come from {@code DemoKeyStore}.
 *
 * @param args command line; {@code args[0]} is the output file path
 * @throws Exception if loading the demo key stores, building the card or writing the file fails
 */
public static void main(String[] args) throws Exception {
    if (args.length < 1) {
        // NOTE(review): show() is defined elsewhere. The code below reads args[0]
        // unconditionally, so it relies on show() not returning - confirm.
        show();
    }

    X509Certificate cardCertificate =
            (X509Certificate) DemoKeyStore.getMarionKeyStore().getCertificate("mykey");

    InfoCardWriter card = new InfoCardWriter(
            cardCertificate,
            TokenType.SAML_1_0,
            "http://infocard.example.com/1234567",
            "http://example.com",
            "https://sts.example.com/tokenservice",
            "https://sts.example.com/metadata");

    card.setDisplayCredentialHint("Insert smart card")
            .addClaim(ClaimType.EMAIL_ADDRESS, "*****@*****.**")
            .addClaim(ClaimType.COUNTRY)
            .setCardName("WebPKI.org")
            .setCardImage(new ImageData(BankLogo.getGIFImage(), "image/gif"))
            // Disabled, so no explicit expiry time is configured here:
            // .setTimeExpires(DOMReaderHelper.parseDateTime("2017-11-12T21:03:24Z").getTime())
            .setRequireAppliesTo(true)
            .setOutputSTSIdentity(true)
            .setPrivacyNotice("http://example.com/priv")
            .addTokenType(TokenType.SAML_2_0);

    KeyStoreSigner cardSigner = new KeyStoreSigner(DemoKeyStore.getExampleDotComKeyStore(), null);
    // NOTE(review): the null key alias presumably selects the store's default key - confirm.
    cardSigner.setKey(null, DemoKeyStore.getSignerPassword());

    byte[] encodedCard = card.getInfoCard(cardSigner);
    ArrayUtil.writeFile(args[0], encodedCard);
}
/**
 * Reads a signature request from a file, decodes it, verifies its signature when it has one, and
 * assembles a textual dump of its contents.
 *
 * <p>Security-relevant behaviour visible here: a request that reports itself as unsigned is
 * decoded and dumped without any verification, and the verifier is configured with
 * {@code setTrustedRequired(false)}. The result of this helper should therefore not be read as
 * an authenticity decision about the request.
 *
 * @param file path of the file holding the encoded signature request
 * @param outdata when {@code true}, the assembled dump is printed to standard output
 * @return the decoded signature request
 * @throws Exception if reading, parsing or signature verification fails
 */
static SignatureRequestDecoder test(String file, boolean outdata) throws Exception {
    byte[] requestBytes = ArrayUtil.readFile(file);

    XMLSchemaCache schemaCache = new XMLSchemaCache();
    schemaCache.addWrapper(SignatureRequestDecoder.class);
    schemaCache.addWrapper(XDSProfileRequestDecoder.class);
    SignatureRequestDecoder request = (SignatureRequestDecoder) schemaCache.parse(requestBytes);

    final boolean hasSignature = request.isSigned();

    KeyStoreVerifier verifier = new KeyStoreVerifier(DemoKeyStore.getCAKeyStore());
    // NOTE(review): judging by its name, this turns off the requirement that the signer
    // chains to a trusted entry of the CA key store - confirm before reusing outside tests.
    verifier.setTrustedRequired(false);
    if (hasSignature) {
        request.verifySignature(verifier);
    }

    // StringBuffer is kept because print(...) and printcf(...) receive this object.
    StringBuffer dump = new StringBuffer();

    for (SignatureProfileDecoder profile : request.getSignatureProfilesDecoders()) {
        dump.append("\nSIGNATUREPROFILE:\n" + profile + "\nSIGNATUREPROFILE\n");
    }
    for (CertificateFilter filter : request.getCertificateFilters()) {
        printcf(filter, dump);
    }

    print("MAIN_VIEW", request.getMainDocument(), dump);
    print("DETAIL_VIEW", request.getDetailDocument(), dump);
    print("PROCESSING_VIEW", request.getProcessingDocument(), dump);

    for (SignatureRequestDecoder.BaseDocument embedded : request.getEmbeddedObjects()) {
        print("EMBEDDED", embedded, dump);
    }
    for (SignatureRequestDecoder.BaseDocument attachment : request.getAttachments()) {
        print("ATTACHMENT", attachment, dump);
    }

    dump.append("\nID=" + request.getID() + "\n");
    if (request.getLanguages() != null) {
        dump.append("\nLanguages=" + StringUtil.tokenList(request.getLanguages()) + "\n");
    }
    dump.append("\nMESSAGEDIGEST:\n" + request.getDocumentSignatures(null, null) + "\nMESSAGEDIGEST\n");

    if (hasSignature) {
        // Signer details are only available after verifySignature(...) ran above.
        dump.append("\nSIGNATURE\n")
                .append(verifier.getSignerCertificateInfo().toString())
                .append("\nSIGNATURE");
    }

    if (outdata) {
        System.out.println(dump);
    }
    return request;
}
/**
 * Creates the software HSM and registers one key-management key from each of three demo key
 * stores: mybank.com, the sub-CA, and the ECDSA store.
 *
 * @throws IOException if a demo key store cannot be loaded
 * @throws GeneralSecurityException if a key or certificate cannot be read from a demo key store
 */
public SoftHSM() throws IOException, GeneralSecurityException {
    // Each store is loaded and registered before the next one is touched.
    KeyStore bankStore = DemoKeyStore.getMybankDotComKeyStore();
    addKMK(bankStore);

    KeyStore subCaStore = DemoKeyStore.getSubCAKeyStore();
    addKMK(subCaStore);

    KeyStore ecdsaStore = DemoKeyStore.getECDSAStore();
    addKMK(ecdsaStore);
}
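/**
 * Registers the key pair stored under alias {@code "mykey"} of the given key store as a
 * key-management key, indexed by its public key.
 *
 * <p>The private key is unlocked with {@code DemoKeyStore.getSignerPassword()}, i.e. the same
 * demo password is used for every store passed in.
 *
 * <p>The entry is validated before it is stored. {@code KeyStore.getKey} returns {@code null}
 * for a missing or certificate-only alias, and a {@code null} cast to {@code PrivateKey}
 * succeeds, so without the check a broken store would register a public key with no private
 * key and only fail later, far from the cause.
 *
 * @param km_keystore key store expected to hold a private key and certificate under
 *     {@code "mykey"}
 * @throws IOException declared by the signature; presumably raised by {@code DemoKeyStore}
 *     (NOTE(review): confirm)
 * @throws GeneralSecurityException if the alias has no certificate, holds no private key, or the
 *     key cannot be recovered with the demo password
 */
private void addKMK(KeyStore km_keystore) throws IOException, GeneralSecurityException {
    final String alias = "mykey";

    java.security.cert.Certificate certificate = km_keystore.getCertificate(alias);
    if (certificate == null) {
        throw new GeneralSecurityException(
                "Key store has no certificate under alias '" + alias + "'");
    }

    Object key = km_keystore.getKey(alias, DemoKeyStore.getSignerPassword().toCharArray());
    // instanceof also rejects null, so a missing key and a non-private (e.g. secret) key
    // are both reported here instead of surfacing as a stored null or a ClassCastException.
    if (!(key instanceof PrivateKey)) {
        throw new GeneralSecurityException(
                "Key store has no private key under alias '" + alias + "'");
    }

    key_management_keys.put(certificate.getPublicKey(), (PrivateKey) key);
}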