authorThomas <>2023-01-18 13:46:22 +0100
committerThomas <>2023-01-18 13:46:22 +0100
commit19a717e5684ea7cac8a39d24263cde0825c95968 (patch)
tree8d31979c0cebd5c8f841a739c6c6b3ad05650582 /eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv
parent4a6a9f69d15d4a517af075b31e06ae73a1aa3262 (diff)
fix(saml2): support XML decryption by using key from HSM-Facade
Details: openSAML4 uses org.apache.xml.security.algorithms.JCEMapper to define the JCE crypto provider for openSAML crypto operations. However, this JCEMapper is not used by the openSAML Decrypter, so the provider must be set manually.
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java4
1 files changed, 3 insertions, 1 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
index 60800eb2..6cace5cb 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
@@ -30,6 +30,7 @@ import javax.xml.validation.Schema;
import javax.xml.validation.Validator;
import org.apache.commons.lang3.StringUtils;
+import org.apache.xml.security.algorithms.JCEMapper;
import org.joda.time.DateTime;
import org.opensaml.core.criterion.EntityIdCriterion;
import org.opensaml.core.xml.io.MarshallingException;
@@ -375,7 +376,8 @@ public class SamlVerificationEngine {
final Decrypter samlDecrypter = new Decrypter(null,
new StaticKeyInfoCredentialResolver(assertionDecryption),
new ChainingEncryptedKeyResolver(listOfKeyResolvers));
-
+ samlDecrypter.setJCAProviderName(JCEMapper.getProviderId());
+
for (final EncryptedAssertion encAssertion : encryAssertionList) {
saml2assertions.add(samlDecrypter.decrypt(encAssertion));
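Review bot: The added `samlDecrypter.setJCAProviderName(JCEMapper.getProviderId())` has no comment, so the reason the provider is set by hand lives only in the commit message; a line such as `// openSAML's Decrypter does not consult JCEMapper, so pass the configured JCE provider explicitly` above it would keep that with the code. `JCEMapper.getProviderId()` is process-wide static state read at call time and is presumably null when no HSM-Facade provider has been registered, so it is worth confirming that the Decrypter then falls back to the default provider instead of failing. The provider name likely applies to content decryption as well as to key unwrapping, so a test that decrypts an encrypted assertion through the HSM-Facade provider would show whether it supports the data-encryption algorithms in use. The enclosing method starts and ends outside the hunk.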