aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2017-02-07 12:27:50 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2017-02-07 12:27:50 +0100
commit6b79e38bc56d239ad4d1b3f4d52a2e74e6daf45d (patch)
tree1c7bc0aa3949b95237019891bbbcc1d51ff67450
parente25d9bfa5fb81fd275706fb7cbee21fe5add5b19 (diff)
downloadmoa-id-spss-6b79e38bc56d239ad4d1b3f4d52a2e74e6daf45d.tar.gz
moa-id-spss-6b79e38bc56d239ad4d1b3f4d52a2e74e6daf45d.tar.bz2
moa-id-spss-6b79e38bc56d239ad4d1b3f4d52a2e74e6daf45d.zip
fix some bugs in eIDAS SAML-engine metadata generator
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java9
1 files changed, 6 insertions, 3 deletions
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java
index 171d5c8e2..8faaf1874 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java
@@ -477,7 +477,7 @@ public class MOAeIDASMetadataGenerator extends MetadataGenerator {
X509Certificate decryptionCertificate = engine.getDecryptionCertificate();
if (null != decryptionCertificate) {
- params.setEncryptionCredential(CertificateUtil.toCredential(decryptionCertificate));
+ params.setSpEncryptionCredential(CertificateUtil.toCredential(decryptionCertificate));
}
params.setSigningCredential(CertificateUtil.toCredential(engine.getSigningCertificate()));
params.setIdpEngine(engine);
@@ -542,7 +542,10 @@ public class MOAeIDASMetadataGenerator extends MetadataGenerator {
Set<String> signatureMethods = EIDASUtil.parseSemicolonSeparatedList(params.getDigestMethods());
Set<String> digestMethods = new HashSet<String>();
for (String signatureMethod : signatureMethods) {
- digestMethods.add(CertificateUtil.validateDigestAlgorithm(signatureMethod));
+
+ //BUGFIX: eIDAS implementation does not allow MGF1 signature schemes
+ digestMethods.add(signatureMethod);
+ //digestMethods.add(CertificateUtil.validateDigestAlgorithm(signatureMethod));
}
for (String digestMethod : digestMethods) {
final DigestMethod dm = (DigestMethod) BuilderFactoryUtil.buildXmlObject(DigestMethod.DEF_ELEMENT_NAME);
@@ -581,7 +584,7 @@ public class MOAeIDASMetadataGenerator extends MetadataGenerator {
generateDigest(eidasExtensions);
if (!StringUtils.isEmpty(params.getSigningMethods())) {
- Set<String> signMethods = EIDASUtil.parseSemicolonSeparatedList(params.getDigestMethods());
+ Set<String> signMethods = EIDASUtil.parseSemicolonSeparatedList(params.getSigningMethods());
for (String signMethod : signMethods) {
final SigningMethod sm =
(SigningMethod) BuilderFactoryUtil.buildXmlObject(SigningMethod.DEF_ELEMENT_NAME);