From 5a1eca23a9b35541b7b1955b83b47e0af983d5dd Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Wed, 5 Feb 2020 09:02:13 +0100
Subject: add Trusted-Certificates method to AbstractCredentialProvider add jUnit tests for AbstractCredentialProvider change method names in AbstractCredentialProvider
---
 .../pvp2/idp/impl/builder/AuthResponseBuilder.java | 35 +++++-----------------
 1 file changed, 8 insertions(+), 27 deletions(-)
(limited to 'eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java')
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
index 55e3e8b4..565f28fb 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/AuthResponseBuilder.java
@@ -19,9 +19,6 @@
 package at.gv.egiz.eaaf.modules.pvp2.idp.impl.builder;
-import java.security.PublicKey;
-import java.security.interfaces.ECPublicKey;
-import java.security.interfaces.RSAPublicKey;
 import java.util.ArrayList;
 import java.util.List;
@@ -134,7 +131,14 @@ public class AuthResponseBuilder {
 X509Credential encryptionCredentials, IConfiguration authConfig) throws InvalidAssertionEncryptionException {
 try {
- final String keyEncAlg = selectKeyEncryptionAlgorithm(encryptionCredentials, authConfig);
+ final String keyEncAlg = Saml2Utils.getKeyOperationAlgorithmFromCredential(
+ encryptionCredentials,
+ authConfig.getBasicConfiguration(
+ PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_RSA_ALG,
+ PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_RSA),
+ authConfig.getBasicConfiguration(
+ PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_EC_ALG,
+ PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_EC));
 final DataEncryptionParameters dataEncParams = new DataEncryptionParameters();
 dataEncParams.setAlgorithm(authConfig.getBasicConfiguration(
@@ -164,29 +168,6 @@ public class AuthResponseBuilder {
 }
- private static String selectKeyEncryptionAlgorithm(X509Credential encryptionCredentials,
- IConfiguration authConfig) throws SamlSigningException {
- final PublicKey privatekey = encryptionCredentials.getPublicKey();
- if (privatekey instanceof RSAPublicKey) {
- return authConfig.getBasicConfiguration(
- PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_RSA_ALG,
- PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_RSA);
-
- } else if (privatekey instanceof ECPublicKey) {
- return authConfig.getBasicConfiguration(
- PvpConstants.CONFIG_PROP_SEC_ENCRYPTION_KEY_EC_ALG,
- PvpConstants.DEFAULT_ASYM_ENCRYPTION_METHODE_EC);
-
- } else {
- log.warn("Could NOT evaluate the Private-Key type from " + encryptionCredentials.getEntityId()
- + " credential.");
- throw new SamlSigningException("internal.pvp.97",
- new Object[] { encryptionCredentials.getEntityId(), privatekey.getClass().getName() });
-
- }
-
- }
-
 private static X509Credential resolveEncryptionCredential(RequestAbstractType req, IPvp2MetadataProvider metadataProvider) throws InvalidAssertionEncryptionException {
 try {
-- cgit v1.2.3
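Review bot: The new call to `Saml2Utils.getKeyOperationAlgorithmFromCredential(...)` in the `@@ -134,7 +131,14 @@` hunk no longer shows what happens when the credential's public key is neither RSA nor EC. The removed `selectKeyEncryptionAlgorithm` logged a warning and threw `SamlSigningException` ("internal.pvp.97") in that case; the shared helper is not part of this diff, so confirm that it still fails closed instead of handing `null` to the key-encryption parameters. Both algorithm values come straight from configuration with no visible allow-list, so a deployment could select a weak RSA key transport such as PKCS#1 v1.5; validate `keyEncAlg` against the permitted URIs, or at least add `// key-transport algorithm is operator-configurable; reject anything outside the approved set (e.g. RSA-OAEP)`. The two `String` arguments are positional, RSA first and EC second, and a swap compiles cleanly, so the helper's Javadoc should state the order. The enclosing method starts before this hunk and its catch block lies after it.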