Example 1 with XMLEncryptionManager

Use of com.sun.identity.xmlenc.XMLEncryptionManager in project OpenAM by OpenRock.

In the class EncryptedNameIdentifier, method getDecryptedNameIdentifier.

/**
 * Gets the decrypted NameIdentifier.
 * @param encNI EncryptedNameIdentifier.
 * @param decKey decryption key.
 *
 * @return NameIdentifier Decrypted NameIdentifier.
 * @exception FSException for failures
 */
public static NameIdentifier getDecryptedNameIdentifier(NameIdentifier encNI, PrivateKey decKey) throws FSException {
    if (encNI.getFormat() == null || !encNI.getFormat().equals(IFSConstants.NI_ENCRYPTED_FORMAT_URI)) {
        throw new FSException("notValidFormat", null);
    }
    String name = encNI.getName();
    name = FSUtils.removeNewLineChars(name);
    String decodeStr = SAMLUtils.byteArrayToString(Base64.decode(name));
    Document encryptedDoc = XMLUtils.toDOMDocument(decodeStr, FSUtils.debug);
    try {
        XMLEncryptionManager manager = XMLEncryptionManager.getInstance();
        Document doc = manager.decryptAndReplace(encryptedDoc, decKey);
        Element element = (Element) doc.getElementsByTagNameNS(IFSConstants.FF_12_XML_NS, "EncryptableNameIdentifier").item(0);
        EncryptableNameIdentifier eni = new EncryptableNameIdentifier(element);
        return new NameIdentifier(eni.getName(), eni.getNameQualifier(), eni.getFormat());
    } catch (EncryptionException ee) {
        FSUtils.debug.error("EncryptedNameIdentifier.getDecryptedName" + "Identifier: Decryption exception", ee);
        throw new FSException(ee);
    } catch (SAMLException se) {
        throw new FSException(se);
    }
}
Also used: NameIdentifier (com.sun.identity.saml.assertion.NameIdentifier), Element (org.w3c.dom.Element), FSException (com.sun.identity.federation.common.FSException), EncryptionException (com.sun.identity.xmlenc.EncryptionException), XMLEncryptionManager (com.sun.identity.xmlenc.XMLEncryptionManager), Document (org.w3c.dom.Document), SAMLException (com.sun.identity.saml.common.SAMLException)

Example 2 with XMLEncryptionManager

Use of com.sun.identity.xmlenc.XMLEncryptionManager in project OpenAM by OpenRock.

In the class EncryptedNameIdentifier, method getEncryptedNameIdentifier.

/**
 * Gets the Encrypted NameIdentifier for a given name identifier
 * and the provider ID.
 * @param ni NameIdentifier.
 * @param providerID Remote Provider ID.
 * @param enckey Key Encryption Key
 * @param dataEncAlgorithm Data encryption algorithm
 * @param dataEncStrength Data encryption key size
 *
 * @return NameIdentifier EncryptedNameIdentifier.
 * @exception FSException for failure.
 */
public static NameIdentifier getEncryptedNameIdentifier(NameIdentifier ni, String providerID, Key enckey, String dataEncAlgorithm, int dataEncStrength) throws FSException {
    if (ni == null || providerID == null) {
        FSUtils.debug.error("EncryptedNameIdentifier.construct: " + "nullInputParameter");
        throw new FSException("nullInputParameter", null);
    }
    EncryptableNameIdentifier eni = new EncryptableNameIdentifier(ni);
    Document encryptableDoc = getEncryptableDocument(eni);
    Document encryptedDoc = null;
    try {
        Element encryptElement = (Element) encryptableDoc.getElementsByTagNameNS(IFSConstants.FF_12_XML_NS, "EncryptableNameIdentifier").item(0);
        XMLEncryptionManager manager = XMLEncryptionManager.getInstance();
        encryptedDoc = manager.encryptAndReplace(encryptableDoc, encryptElement, dataEncAlgorithm, dataEncStrength, enckey,
                // TODO: should we pick it up from extended meta?
                0, providerID);
    } catch (EncryptionException ee) {
        FSUtils.debug.error("EncryptedNameIdentifier.construct: Unable " + "to encrypt the xml doc", ee);
        throw new FSException(ee);
    }
    if (encryptedDoc == null) {
        throw new FSException("EncryptionFailed", null);
    }
    String encodedStr = Base64.encode(SAMLUtils.stringToByteArray(XMLUtils.print((Node) (encryptedDoc))));
    try {
        return new NameIdentifier(encodedStr, ni.getNameQualifier(), IFSConstants.NI_ENCRYPTED_FORMAT_URI);
    } catch (SAMLException se) {
        throw new FSException(se);
    }
}
Also used: NameIdentifier (com.sun.identity.saml.assertion.NameIdentifier), Element (org.w3c.dom.Element), FSException (com.sun.identity.federation.common.FSException), EncryptionException (com.sun.identity.xmlenc.EncryptionException), XMLEncryptionManager (com.sun.identity.xmlenc.XMLEncryptionManager), Document (org.w3c.dom.Document), SAMLException (com.sun.identity.saml.common.SAMLException)

Aggregations

FSException (com.sun.identity.federation.common.FSException): 2
NameIdentifier (com.sun.identity.saml.assertion.NameIdentifier): 2
SAMLException (com.sun.identity.saml.common.SAMLException): 2
EncryptionException (com.sun.identity.xmlenc.EncryptionException): 2
XMLEncryptionManager (com.sun.identity.xmlenc.XMLEncryptionManager): 2
Document (org.w3c.dom.Document): 2
Element (org.w3c.dom.Element): 2