| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-04-15 13:29:20 +0200 | 
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-04-15 13:29:20 +0200 | 
| commit | c1b2382fcecd5bc47935ad46e16824802cfadeb2 (patch) | |
| tree | ebeb43a02d12c263cbb03f73a94341710188ca96 /id/server/idserverlib | |
| parent | 25de471cd8bf27d0cfa084edd29018596c804861 (diff) | |
add pvp2.1 configuration for assertion encryption key in moa-id.properties
update handbook pvp2.1 configuration
Diffstat (limited to 'id/server/idserverlib')
2 files changed, 41 insertions, 4 deletions
| diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
index 9f2ad2e1b..c189d44a6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
@@ -69,9 +69,9 @@ public class PVPConfiguration {
 		return instance;
 	}
-	public static final String PVP2_METADATA = "/pvp2/metadata";
-	public static final String PVP2_REDIRECT = "/pvp2/redirect";
-	public static final String PVP2_POST = "/pvp2/post";
+	public static final String PVP2_METADATA = 	"/pvp2/metadata";
+	public static final String PVP2_REDIRECT = 	"/pvp2/redirect";
+	public static final String PVP2_POST = 		"/pvp2/post";
 	public static final String PVP_CONFIG_FILE = "pvp2config.properties";
@@ -84,6 +84,9 @@ public class PVPConfiguration {
 	public static final String IDP_KEYALIASASSERTION = "idp.ks.assertion.sign.alias";	
 	public static final String IDP_KEY_PASSASSERTION = "idp.ks.assertion.sign.keypassword";
+	public static final String IDP_KEYALIASENCRYTPION = "sp.ks.assertion.encryption.alias";	
+	public static final String IDP_KEY_PASSENCRYTPION = "sp.ks.assertion.encryption.keypassword";
+	
 	public static final String IDP_ISSUER_NAME = "idp.issuer.name";
 	public static final String METADATA_FILE = "md.dir";
@@ -173,6 +176,14 @@ public class PVPConfiguration {
 		return props.getProperty(IDP_KEY_PASSASSERTION);
 	}
+	public String getIDPKeyAliasAssertionEncryption() {
+		return props.getProperty(IDP_KEYALIASASSERTION);
+	}
+
+	public String getIDPKeyPasswordAssertionEncryption() {
+		return props.getProperty(IDP_KEY_PASSASSERTION);
+	}
+	
 	public String getIDPIssuerName() throws ConfigurationException {
 		if (moaIDVersion == null) { 
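Review bot: Both getters added in the last hunk read the signing properties: `getIDPKeyAliasAssertionEncryption()` returns `props.getProperty(IDP_KEYALIASASSERTION)` and `getIDPKeyPasswordAssertionEncryption()` returns `props.getProperty(IDP_KEY_PASSASSERTION)`, so the `sp.ks.assertion.encryption.*` keys introduced by the previous hunk are never read. As written, the encryption credential built in CredentialProvider would use the assertion signing alias and password, and its empty-alias check cannot detect a missing encryption key while signing is configured. The getters should use the new constants, `return props.getProperty(IDP_KEYALIASENCRYTPION);` and `return props.getProperty(IDP_KEY_PASSENCRYTPION);`. The constant names also misspell ENCRYPTION, which is cheapest to correct before other classes reference them.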
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
index d95e21a0e..48e435777 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java
@@ -39,6 +39,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.KeyStoreUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
 public class CredentialProvider { 
@@ -86,7 +87,32 @@ public class CredentialProvider {
 			throw new CredentialsNotAvailableException(e.getMessage(), null);
 		}
 	}
-		
+	
+	public static X509Credential getIDPAssertionEncryptionCredential()
+			throws CredentialsNotAvailableException {
+		PVPConfiguration config = PVPConfiguration.getInstance();
+		try {
+			if (keyStore == null)
+				keyStore = KeyStoreUtils.loadKeyStore(config.getIDPKeyStoreFilename(), 
+						config.getIDPKeyStorePassword());
+
+			//if no encryption key is configured return null
+			if (MiscUtil.isEmpty(config.getIDPKeyAliasAssertionEncryption()))
+				return null;
+			
+			MOAKeyStoreX509CredentialAdapter credentials = new MOAKeyStoreX509CredentialAdapter(
+					keyStore, config.getIDPKeyAliasAssertionEncryption(), config
+							.getIDPKeyPasswordAssertionEncryption().toCharArray());
+			
+			credentials.setUsageType(UsageType.ENCRYPTION);
+			return (X509Credential) credentials;
+		} catch (Exception e) {
+			Logger.error("Failed to generate IDP Assertion Encryption credentials");
+			e.printStackTrace();
+			throw new CredentialsNotAvailableException(e.getMessage(), null);
+		}
+	}
+	
 	public static Signature getIDPSignature(Credential credentials) {
 		PrivateKey privatekey = credentials.getPrivateKey(); | 
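Review bot: `config.getIDPKeyPasswordAssertionEncryption().toCharArray()` dereferences the password without a check, so an alias configured without a key password raises a NullPointerException that the broad `catch (Exception e)` rewraps using `e.getMessage()`, which is typically null here and tells the operator nothing about the missing property. Validate the password right after the alias check, e.g. `if (MiscUtil.isEmpty(config.getIDPKeyPasswordAssertionEncryption())) throw new CredentialsNotAvailableException("no key password configured for the assertion encryption key", null);`. The catch block also calls `e.printStackTrace()` instead of routing the stack trace through `Logger`, and the rethrown exception drops the cause. Because the method returns null when no alias is set, a Javadoc line such as `/** Returns the encryption credential, or null when no encryption key alias is configured. */` would tell callers they must handle null. `getIDPSignature`, which begins at the end of this hunk, continues outside it.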
