
Example 1 with DataEncryptionParameters

Use of org.opensaml.xmlsec.encryption.support.DataEncryptionParameters in project cas by apereo.

Class SamlObjectEncrypter, method getDataEncryptionParameters.

/**
 * Gets data encryption parameters.
 *
 * @param samlObject the saml object
 * @param service    the service
 * @param adaptor    the adaptor
 * @return the data encryption parameters
 */
protected DataEncryptionParameters getDataEncryptionParameters(final Assertion samlObject, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor) {
    final DataEncryptionParameters dataEncParams = new DataEncryptionParameters();
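    // ALGO_ID_BLOCKCIPHER_AES128 is the XML Encryption URI for AES-128 in CBC mode (xmlenc#aes128-cbc),
    // fixed here for every service; CBC provides no integrity protection of its own.
    dataEncParams.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);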
    return dataEncParams;
}
Also used : DataEncryptionParameters(org.opensaml.xmlsec.encryption.support.DataEncryptionParameters)

Example 2 with DataEncryptionParameters

Use of org.opensaml.xmlsec.encryption.support.DataEncryptionParameters in project spring-security by spring-projects.

Class TestOpenSamlObjects, method getEncrypter.

private static Encrypter getEncrypter(X509Certificate certificate) {
    // Test fixture algorithms: AES-256-CBC for the data, RSA PKCS#1 v1.5 key transport for the key.
    String dataAlgorithm = XMLCipherParameters.AES_256;
    String keyAlgorithm = XMLCipherParameters.RSA_1_5;
    BasicCredential dataCredential = new BasicCredential(SECRET_KEY);
    DataEncryptionParameters dataEncryptionParameters = new DataEncryptionParameters();
    dataEncryptionParameters.setEncryptionCredential(dataCredential);
    dataEncryptionParameters.setAlgorithm(dataAlgorithm);
    Credential credential = CredentialSupport.getSimpleCredential(certificate, null);
    KeyEncryptionParameters keyEncryptionParameters = new KeyEncryptionParameters();
    keyEncryptionParameters.setEncryptionCredential(credential);
    keyEncryptionParameters.setAlgorithm(keyAlgorithm);
    Encrypter encrypter = new Encrypter(dataEncryptionParameters, keyEncryptionParameters);
    encrypter.setKeyPlacement(Encrypter.KeyPlacement.PEER);
    return encrypter;
}
Also used : Encrypter(org.opensaml.saml.saml2.encryption.Encrypter) KeyEncryptionParameters(org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters) BasicCredential(org.opensaml.security.credential.BasicCredential) Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential) Credential(org.opensaml.security.credential.Credential) XSString(org.opensaml.core.xml.schema.XSString) DataEncryptionParameters(org.opensaml.xmlsec.encryption.support.DataEncryptionParameters)

Example 3 with DataEncryptionParameters

Use of org.opensaml.xmlsec.encryption.support.DataEncryptionParameters in project cas by apereo.

Class SamlObjectEncrypter, method encode.

/**
 * Encode a given saml object by invoking a number of outbound security handlers on the context.
 *
 * @param samlObject the saml object
 * @param service    the service
 * @param adaptor    the adaptor
 * @param response   the response
 * @param request    the request
 * @return the encrypted assertion
 * @throws SamlException the saml exception
 */
@SneakyThrows
public EncryptedAssertion encode(final Assertion samlObject, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final HttpServletResponse response, final HttpServletRequest request) throws SamlException {
    final String className = samlObject.getClass().getName();
    final String entityId = adaptor.getEntityId();
    LOGGER.debug("Attempting to encrypt [{}] for [{}]", className, entityId);
    final Credential credential = getKeyEncryptionCredential(entityId, adaptor, service);
    LOGGER.info("Found encryption public key: [{}]", EncodingUtils.encodeBase64(credential.getPublicKey().getEncoded()));
    final KeyEncryptionParameters keyEncParams = getKeyEncryptionParameters(samlObject, service, adaptor, credential);
    LOGGER.debug("Key encryption algorithm for [{}] is [{}]", keyEncParams.getRecipient(), keyEncParams.getAlgorithm());
    final DataEncryptionParameters dataEncParams = getDataEncryptionParameters(samlObject, service, adaptor);
    LOGGER.debug("Data encryption algorithm for [{}] is [{}]", entityId, dataEncParams.getAlgorithm());
    final Encrypter encrypter = getEncrypter(samlObject, service, adaptor, keyEncParams, dataEncParams);
    LOGGER.debug("Attempting to encrypt [{}] for [{}] with key placement of [{}]", className, entityId, encrypter.getKeyPlacement());
    return encrypter.encrypt(samlObject);
}
Also used : Encrypter(org.opensaml.saml.saml2.encryption.Encrypter) KeyEncryptionParameters(org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters) Credential(org.opensaml.security.credential.Credential) DataEncryptionParameters(org.opensaml.xmlsec.encryption.support.DataEncryptionParameters) SneakyThrows(lombok.SneakyThrows)

Example 4 with DataEncryptionParameters

Use of org.opensaml.xmlsec.encryption.support.DataEncryptionParameters in project cas by apereo.

Class SamlIdPObjectEncrypter, method getDataEncryptionParameters.

/**
 * Gets data encryption parameters.
 *
 * @param samlObject              the saml object
 * @param service                 the service
 * @param adaptor                 the adaptor
 * @param encryptionConfiguration the encryption configuration
 * @return the data encryption parameters
 */
protected DataEncryptionParameters getDataEncryptionParameters(final Object samlObject, final SamlRegisteredService service, final SamlRegisteredServiceServiceProviderMetadataFacade adaptor, final BasicEncryptionConfiguration encryptionConfiguration) {
    try {
        val params = resolveEncryptionParameters(service, encryptionConfiguration);
        if (params != null) {
            return new DataEncryptionParameters(params);
        }
        LOGGER.debug("No data encryption parameters could be determined");
        return null;
    } catch (final Exception e) {
        throw new SamlException(e.getMessage(), e);
    }
}
Also used : lombok.val(lombok.val) SamlException(org.apereo.cas.support.saml.SamlException) DataEncryptionParameters(org.opensaml.xmlsec.encryption.support.DataEncryptionParameters) ResolverException(net.shibboleth.utilities.java.support.resolver.ResolverException) DecryptionException(org.apereo.cas.util.crypto.DecryptionException)

Aggregations

DataEncryptionParameters (org.opensaml.xmlsec.encryption.support.DataEncryptionParameters) 4
Encrypter (org.opensaml.saml.saml2.encryption.Encrypter) 2
Credential (org.opensaml.security.credential.Credential) 2
KeyEncryptionParameters (org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters) 2
SneakyThrows (lombok.SneakyThrows) 1
lombok.val (lombok.val) 1
ResolverException (net.shibboleth.utilities.java.support.resolver.ResolverException) 1
SamlException (org.apereo.cas.support.saml.SamlException) 1
DecryptionException (org.apereo.cas.util.crypto.DecryptionException) 1
XSString (org.opensaml.core.xml.schema.XSString) 1
BasicCredential (org.opensaml.security.credential.BasicCredential) 1
Saml2X509Credential (org.springframework.security.saml2.core.Saml2X509Credential) 1