
Example 1 with KeyEncryptionParameters

Use of org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters in project cas by apereo.

Class SamlObjectEncrypter, method getKeyEncryptionParameters.

/**
 * Gets key encryption parameters.
 *
 * @param samlObject the saml object
 * @param service    the service
 * @param adaptor    the adaptor
 * @param credential the credential
 * @return the key encryption parameters
 */
protected KeyEncryptionParameters getKeyEncryptionParameters(final Assertion samlObject,
                                                             final SamlRegisteredService service,
                                                             final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                                                             final Credential credential) {
    final KeyEncryptionParameters keyEncParams = new KeyEncryptionParameters();
    // The recipient is the entity id of the service provider the assertion is encrypted for.
    keyEncParams.setRecipient(adaptor.getEntityId());
    // The credential supplies the key used to encrypt the data-encryption key.
    keyEncParams.setEncryptionCredential(credential);
    // RSA-OAEP key transport.
    keyEncParams.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP);
    return keyEncParams;
}

Also used: KeyEncryptionParameters (org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters)

Example 2 with KeyEncryptionParameters

Use of org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters in project cas by apereo.

Class SamlObjectEncrypter, method encode.

/**
 * Encode a given saml object by invoking a number of outbound security handlers on the context.
 *
 * @param samlObject the saml object
 * @param service    the service
 * @param adaptor    the adaptor
 * @param response   the response
 * @param request    the request
 * @return the encrypted assertion
 * @throws SamlException the saml exception
 */
public EncryptedAssertion encode(final Assertion samlObject,
                                 final SamlRegisteredService service,
                                 final SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                                 final HttpServletResponse response,
                                 final HttpServletRequest request) throws SamlException {
    try {
        LOGGER.debug("Attempting to encrypt [{}] for [{}]", samlObject.getClass().getName(), adaptor.getEntityId());
        // Look up the encryption credential for the service provider's entity id.
        final Credential credential = getKeyEncryptionCredential(adaptor.getEntityId(), adaptor, service);
        // Logs the Base64-encoded public key (not secret material) at INFO level.
        LOGGER.info("Found encryption public key: [{}]", EncodingUtils.encodeBase64(credential.getPublicKey().getEncoded()));
        // Key encryption parameters: recipient, credential and key transport algorithm.
        final KeyEncryptionParameters keyEncParams = getKeyEncryptionParameters(samlObject, service, adaptor, credential);
        LOGGER.debug("Key encryption algorithm for [{}] is [{}]", keyEncParams.getRecipient(), keyEncParams.getAlgorithm());
        // Data encryption parameters: the algorithm used to encrypt the assertion itself.
        final DataEncryptionParameters dataEncParams = getDataEncryptionParameters(samlObject, service, adaptor);
        LOGGER.debug("Data encryption algorithm for [{}] is [{}]", adaptor.getEntityId(), dataEncParams.getAlgorithm());
        final Encrypter encrypter = getEncrypter(samlObject, service, adaptor, keyEncParams, dataEncParams);
        LOGGER.debug("Attempting to encrypt [{}] for [{}] with key placement of [{}]", samlObject.getClass().getName(), adaptor.getEntityId(), encrypter.getKeyPlacement());
        return encrypter.encrypt(samlObject);
    } catch (final Exception e) {
        // Any failure is rethrown as SamlException with the original exception as the cause.
        throw new SamlException(e.getMessage(), e);
    }
}

Also used: Encrypter (org.opensaml.saml.saml2.encryption.Encrypter), KeyEncryptionParameters (org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters), Credential (org.opensaml.security.credential.Credential), SamlException (org.apereo.cas.support.saml.SamlException), DataEncryptionParameters (org.opensaml.xmlsec.encryption.support.DataEncryptionParameters)

Aggregations

KeyEncryptionParameters (org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters): 2
SamlException (org.apereo.cas.support.saml.SamlException): 1
Encrypter (org.opensaml.saml.saml2.encryption.Encrypter): 1
Credential (org.opensaml.security.credential.Credential): 1
DataEncryptionParameters (org.opensaml.xmlsec.encryption.support.DataEncryptionParameters): 1