CredentialHelper (XMLSecTool 2.0.0 API)

java.lang.Object
- net.shibboleth.tool.xmlsectool.CredentialHelper

```
public final class CredentialHelper
extends Object
```
Helper class for reading in cryptographic credentials.

Field Summary

Fields
Modifier and Type Field and Description

private static Logger LOG
Class logger.

Fields
Modifier and Type	Field and Description
`private static Logger`	`LOG` Class logger.

Constructor Summary

Constructors
Modifier Constructor and Description

private CredentialHelper()
Constructor.

Constructors
Modifier	Constructor and Description
`private`	`CredentialHelper()` Constructor.

Method Summary

Methods
Modifier and Type	Method and Description
`protected static org.opensaml.security.x509.BasicX509Credential`	`getCredentialFromKeystore(KeyStore keystore, String keyAlias, String keyPassword)` Gets a credential from the given store.
`protected static org.opensaml.security.x509.BasicX509Credential`	`getFileBasedCredentials(String keyFile, String keyPassword, String certificateFile)` Reads in the X509 credentials from the filesystem.
`protected static org.opensaml.security.x509.BasicX509Credential`	`getKeystoreCredential(String keystorePath, String keystorePassword, String keystoreProvider, String keystoreType, String keyAlias, String keyPassword)` Reads in the X509 credentials from a keystore.
`protected static org.opensaml.security.x509.BasicX509Credential`	`getPKCS11Credential(String keystoreProvider, String pkcs11Config, String keyAlias, String keyPassword)` Reads in the X509 credentials from a PKCS11 source.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- LOG
```
private static final Logger LOG
```
  Class logger.

Constructor Detail
- CredentialHelper
```
private CredentialHelper()
```
  Constructor.

Method Detail

getFileBasedCredentials

protected static org.opensaml.security.x509.BasicX509Credential getFileBasedCredentials(String keyFile,
                                                                     String keyPassword,
                                                                     String certificateFile)
                                                                                 throws KeyException,
                                                                                        CertificateException

Reads in the X509 credentials from the filesystem.

Parameters:: keyFile - path to the private key file; keyPassword - password for the private key, may be null; certificateFile - path to the certificate file associated with the private key
Returns:: the credentials
Throws:: CertificateException - if there is a problem decoding the certificate; KeyException - if there is a problem decoding the private key

getKeystoreCredential

protected static org.opensaml.security.x509.BasicX509Credential getKeystoreCredential(String keystorePath,
                                                                   String keystorePassword,
                                                                   String keystoreProvider,
                                                                   String keystoreType,
                                                                   String keyAlias,
                                                                   String keyPassword)
                                                                               throws IOException,
                                                                                      GeneralSecurityException

Reads in the X509 credentials from a keystore.

Parameters:: keystorePath - path the keystore file; keystorePassword - keystore password; keystoreProvider - keystore providr identifier; keystoreType - keystore type; keyAlias - private key alias; keyPassword - private key password, may not be null
Returns:: the credentials
Throws:: IOException - if there was a problem reading the keystore; GeneralSecurityException - if there was a problem

getPKCS11Credential

protected static org.opensaml.security.x509.BasicX509Credential getPKCS11Credential(String keystoreProvider,
                                                                 String pkcs11Config,
                                                                 String keyAlias,
                                                                 String keyPassword)
                                                                             throws IOException,
                                                                                    GeneralSecurityException

Reads in the X509 credentials from a PKCS11 source.

Parameters:: keystoreProvider - keystore provider class; pkcs11Config - PKCS11 configuration file used by the keystore provider; keyAlias - private key keystore alias; keyPassword - private key password, may not be null
Returns:: the credentials
Throws:: IOException - if it is not possible to read the keystore; GeneralSecurityException - if there is a problem loading the keystore, or loading the credential from it

getCredentialFromKeystore

protected static org.opensaml.security.x509.BasicX509Credential getCredentialFromKeystore(KeyStore keystore,
                                                                       String keyAlias,
                                                                       String keyPassword)
                                                                                   throws GeneralSecurityException

Gets a credential from the given store.

Parameters:: keystore - keystore from which to extract the credentials; keyAlias - keystore key alias; keyPassword - private key password
Returns:: the extracted credential
Throws:: GeneralSecurityException - if there is a problem getting the credential from the keystore, or if the credential is not of a known type

Class CredentialHelper

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

LOG

Constructor Detail

CredentialHelper

Method Detail

getFileBasedCredentials

getKeystoreCredential

getPKCS11Credential

getCredentialFromKeystore