From d41afe91ee59daf6b5f5037cecac52900fe2ccb2 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 31 Jan 2020 20:41:54 +0100 Subject: a lot of more OpenSAML3 refactoring staff This version is also NOT stable!
---
.../at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java | 33 +++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java')
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java
index 979a61d5..b1ac8e75 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java
@@ -28,19 +28,33 @@ import javax.xml.namespace.QName; import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions; import at.gv.egiz.eaaf.core.impl.data.Triple; +import org.apache.xml.security.algorithms.MessageDigestAlgorithm; +import org.apache.xml.security.signature.XMLSignature; import org.opensaml.xmlsec.encryption.support.EncryptionConstants; import org.opensaml.xmlsec.signature.support.SignatureConstants; +import com.google.common.collect.ImmutableMap; + public interface PvpConstants extends PvpAttributeDefinitions { + //module configuration parameters + String CONFIG_PROP_SEC_SIGNING_RSA_ALG = "pvp2.security.alg.signing.rsa"; + String CONFIG_PROP_SEC_SIGNING_EC_ALG = "pvp2.security.alg.signing.ec"; - String DEFAULT_SIGNING_METHODE = + //Default values + String DEFAULT_SIGNING_METHODE_RSA = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256; + String DEFAULT_SIGNING_METHODE_EC = + SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA256; + String DEFAULT_DIGESTMETHODE = SignatureConstants.ALGO_ID_DIGEST_SHA256; + String DEFAULT_SYM_ENCRYPTION_METHODE = EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256; String DEFAULT_ASYM_ENCRYPTION_METHODE = EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP; + + //PVP entity categories String ENTITY_CATEGORY_ATTRIBITE = "http://macedir.org/entity-category"; String EGOVTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/egovtoken"; String CITIZENTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/citizentoken"; 
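Review bot: The new `CONFIG_PROP_SEC_SIGNING_RSA_ALG` and `CONFIG_PROP_SEC_SIGNING_EC_ALG` keys make the signature algorithm operator-configurable, and nothing visible in this hunk limits which algorithm URIs are accepted. The code that reads these properties (outside this diff) should reject any value that is not an approved algorithm of the matching key type and fall back to `DEFAULT_SIGNING_METHODE_RSA` / `DEFAULT_SIGNING_METHODE_EC`, so a misconfiguration cannot select a weak algorithm such as RSA-SHA1. A comment on the keys such as `// value: XML-DSig signature algorithm URI for the given key type; unsupported values are rejected` would document that contract. Separately, renaming `DEFAULT_SIGNING_METHODE` removes a constant from a public interface; if other modules still reference it, keep `@Deprecated String DEFAULT_SIGNING_METHODE = DEFAULT_SIGNING_METHODE_RSA;` until they are migrated.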
@@ -136,4 +150,21 @@ public interface PvpConstants extends PvpAttributeDefinitions { QName EIDAS_REQUESTED_ATTRIBUTE_VALUE_TYPE = new QName(EIDAT10_SAML_NS, "AttributeValue", EIDAT10_PREFIX); + ImmutableMap SIGNATURE_TO_DIGEST_ALGORITHM_MAP = + ImmutableMap.builder() + .put(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256, SignatureConstants.ALGO_ID_DIGEST_SHA256) + .put(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA384, SignatureConstants.ALGO_ID_DIGEST_SHA384) + .put(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA512, SignatureConstants.ALGO_ID_DIGEST_SHA512) + .put(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA256, SignatureConstants.ALGO_ID_DIGEST_SHA256) + .put(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA384, SignatureConstants.ALGO_ID_DIGEST_SHA384) + .put(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA512, SignatureConstants.ALGO_ID_DIGEST_SHA512) + .put(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256_MGF1, SignatureConstants.ALGO_ID_DIGEST_SHA256) + .put(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA384_MGF1, SignatureConstants.ALGO_ID_DIGEST_SHA384) + .put(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA512_MGF1, SignatureConstants.ALGO_ID_DIGEST_SHA512) + .put(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_256) + .put(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_384_MGF1, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_384) + .put(XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA3_512) + + .build(); + } -- cgit v1.2.3
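Review bot: `SIGNATURE_TO_DIGEST_ALGORITHM_MAP` only covers the twelve SHA-2 and SHA-3 signature URIs listed, so `get()` returns null for anything else, for example a mistyped or legacy algorithm taken from configuration. Callers (not visible in this hunk) need to treat a missing key as an unsupported algorithm and fail, rather than continue with a null or default digest. Stating that on the constant, e.g. `// Supported signature algorithms and their matching digest; a missing key means the algorithm is not allowed`, would make the map's role as an allowlist explicit. The declaration is shown here as a raw `ImmutableMap`; if the type arguments were not simply lost in rendering, declare it as `ImmutableMap<String, String>` built with `ImmutableMap.<String, String>builder()`.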