authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-02-05 09:02:13 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-02-05 09:02:13 +0100
commit5a1eca23a9b35541b7b1955b83b47e0af983d5dd (patch)
treeea9045f10af6ba12f02777b2b6a3ff3f7fd5557b /eaaf_modules/eaaf_module_pvp2_idp/src
parente7610325ee2f1d1f4e97e1e7a9b212e692836b5a (diff)
add Trusted-Certificates method to AbstractCredentialProvider
add jUnit tests for AbstractCredentialProvider
change method names in AbstractCredentialProvider
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_idp/src')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java2
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java2
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java35
3 files changed, 10 insertions, 29 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
index 1ef7da29..29bbac1e 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
@@ -194,7 +194,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
relayState = pvpRequest.getRequest().getRelayState();
}
- final EaafX509Credential signCred = pvpIdpCredentials.getIdpAssertionSigningCredential();
+ final EaafX509Credential signCred = pvpIdpCredentials.getMessageSigningCredential();
encoder.encodeResponse(request, response, samlResponse, pvpRequest.getConsumerUrl(), relayState,
signCred, protocolRequest);
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
index c0190959..d138ba3a 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
@@ -129,7 +129,7 @@ public class AuthenticationAction implements IAction {
}
binding.encodeResponse(httpReq, httpResp, authResponse, consumerService.getLocation(),
- moaRequest.getRelayState(), pvpIdpCredentials.getIdpAssertionSigningCredential(), req);
+ moaRequest.getRelayState(), pvpIdpCredentials.getMessageSigningCredential(), req);
revisionsLogger.logEvent(req, 3105, authResponse.getID());
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
index 55e3e8b4..565f28fb 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
@@ -19,9 +19,6 @@
package at.gv.egiz.eaaf.modules.pvp2.idp.impl.builder;
-import java.security.PublicKey;
-import java.security.interfaces.ECPublicKey;
-import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.List;
@@ -134,7 +131,14 @@ public class AuthResponseBuilder {
X509Credential encryptionCredentials, IConfiguration authConfig)
throws InvalidAssertionEncryptionException {
try {
- final String keyEncAlg = selectKeyEncryptionAlgorithm(encryptionCredentials, authConfig);
+ final String keyEncAlg = Saml2Utils.getKeyOperationAlgorithmFromCredential(
+ encryptionCredentials,
+ authConfig.getBasicConfiguration(
+ PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_RSA_ALG,
+ PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_RSA),
+ authConfig.getBasicConfiguration(
+ PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_EC_ALG,
+ PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_EC));
final DataEncryptionParameters dataEncParams = new DataEncryptionParameters();
dataEncParams.setAlgorithm(authConfig.getBasicConfiguration(
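Review bot: The key-encryption algorithm handed to `Saml2Utils.getKeyOperationAlgorithmFromCredential` comes straight from `authConfig.getBasicConfiguration(...)`, and nothing visible in this hunk checks the configured value against the algorithms the IdP is willing to use, so a mistyped or outdated setting (for example a legacy RSA key-transport mode) would be applied to assertion encryption without complaint. The deleted `selectKeyEncryptionAlgorithm` also logged and threw `SamlSigningException("internal.pvp.97", ...)` for key types other than RSA and EC. Whether the shared helper fails the same way, and whether the `catch` of this `try` (outside the hunk) still maps that failure to `InvalidAssertionEncryptionException`, cannot be confirmed from here. I would add a comment above the call such as `// algorithm URIs are operator-supplied; helper must reject non-RSA/EC keys and unsupported URIs`, and a unit test that passes a credential with an unsupported key type. The enclosing method starts and ends outside the hunk.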
@@ -164,29 +168,6 @@ public class AuthResponseBuilder {
}
- private static String selectKeyEncryptionAlgorithm(X509Credential encryptionCredentials,
- IConfiguration authConfig) throws SamlSigningException {
- final PublicKey privatekey = encryptionCredentials.getPublicKey();
- if (privatekey instanceof RSAPublicKey) {
- return authConfig.getBasicConfiguration(
- PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_RSA_ALG,
- PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_RSA);
-
- } else if (privatekey instanceof ECPublicKey) {
- return authConfig.getBasicConfiguration(
- PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_EC_ALG,
- PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_EC);
-
- } else {
- log.warn("Could NOT evaluate the Private-Key type from " + encryptionCredentials.getEntityId()
- + " credential.");
- throw new SamlSigningException("internal.pvp.97",
- new Object[] { encryptionCredentials.getEntityId(), privatekey.getClass().getName() });
-
- }
-
- }
-
private static X509Credential resolveEncryptionCredential(RequestAbstractType req,
IPvp2MetadataProvider metadataProvider) throws InvalidAssertionEncryptionException {
try {