use of uk.gov.ida.saml.security.DecrypterFactory in project verify-hub by alphagov.
the class SamlEngineModule method getAES256WithGCMAssertionDecrypter.
@Provides
@Named("AES256DecrypterWithGCM")
private AssertionDecrypter getAES256WithGCMAssertionDecrypter(IdaKeyStore keyStore) {
    // Build the decrypter from the decrypting credentials held in the key store.
    IdaKeyStoreCredentialRetriever idaKeyStoreCredentialRetriever = new IdaKeyStoreCredentialRetriever(keyStore);
    Decrypter decrypter = new DecrypterFactory().createDecrypter(idaKeyStoreCredentialRetriever.getDecryptingCredentials());
    // Despite the method name, the validator accepts both AES-256-CBC (ALGO_ID_BLOCKCIPHER_AES256) and AES-256-GCM.
    return new AssertionDecrypter(
            new EncryptionAlgorithmValidator(ImmutableSet.of(
                    EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256,
                    EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256_GCM)),
            decrypter);
}
use of uk.gov.ida.saml.security.DecrypterFactory in project verify-hub by alphagov.
the class AssertionDecrypter method decrypt.
private Assertion decrypt(EncryptedAssertion encryptedAssertion) {
    Decrypter decrypter = new DecrypterFactory().createDecrypter(List.of(new BasicCredential(publicKey, privateKey)));
    // Place the decrypted element at the root of a new DOM document.
    decrypter.setRootInNewDocument(true);
    try {
        return decrypter.decrypt(encryptedAssertion);
    } catch (DecryptionException e) {
        // Rethrow the checked exception as unchecked, keeping the cause.
        throw new RuntimeException(e);
    }
}
use of uk.gov.ida.saml.security.DecrypterFactory in project verify-hub by alphagov.
the class AuthnRequestFromRelyingPartyUnmarshallerTest method setUp.
@BeforeAll
public static void setUp() {
    // The same credential backs both the encrypter and the decrypter.
    final BasicCredential basicCredential = createBasicCredential();
    encrypter = new EncrypterFactory().createEncrypter(basicCredential);
    unmarshaller = new AuthnRequestFromRelyingPartyUnmarshaller(new DecrypterFactory().createDecrypter(List.of(basicCredential)));
}
use of uk.gov.ida.saml.security.DecrypterFactory in project verify-hub by alphagov.
the class AssertionDecrypter method decryptAssertions.
public List<Assertion> decryptAssertions(Response response) {
    // The same key pair is used for both signing and encryption here.
    KeyPair encryptionKeyPair = new KeyPair(publicKey, privateKey);
    KeyPair signingKeyPair = new KeyPair(publicKey, privateKey);
    IdaKeyStore keyStore = new IdaKeyStore(signingKeyPair, Collections.singletonList(encryptionKeyPair));
    IdaKeyStoreCredentialRetriever idaKeyStoreCredentialRetriever = new IdaKeyStoreCredentialRetriever(keyStore);
    Decrypter decrypter = new DecrypterFactory().createDecrypter(idaKeyStoreCredentialRetriever.getDecryptingCredentials());
    // Allowed algorithms: AES-256-CBC or AES-256-GCM for content, RSA-OAEP for key transport.
    Set<String> contentEncryptionAlgorithms = Set.of(
            EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256,
            EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256_GCM);
    Set<String> keyTransportAlgorithms = Set.of(
            EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP,
            EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP11);
    uk.gov.ida.saml.security.AssertionDecrypter assertionDecrypter = new uk.gov.ida.saml.security.AssertionDecrypter(
            new EncryptionAlgorithmValidator(contentEncryptionAlgorithms, keyTransportAlgorithms), decrypter);
    return assertionDecrypter.decryptAssertions(new ValidatedResponse(response));
}