Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/auth')
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java40
1 files changed, 36 insertions, 4 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java
index 49baf1bf5..dd44419da 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java
@@ -19,6 +19,7 @@ import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.XPathUtils;
+import at.gv.egovernment.moa.id.util.ECDSAKeyValueConverter;
/**
* Parses an identity link <code>&lt;saml:Assertion&gt;</code>
@@ -118,6 +119,20 @@ public class IdentityLinkAssertionParser {
+ "AttributeValue/"
+ DSIG
+ "RSAKeyValue";
+
+ /** Xpath expression to the ECKeyValue element */
+ private static final String ECDSA_KEY_VALUE_XPATH =
+ ROOT
+ + SAML
+ + "AttributeStatement/"
+ + SAML
+ + "Attribute/"
+ + SAML
+ + "AttributeValue/"
+ + ECDSA
+ + "ECDSAKeyValue";
+
+
/** Xpath expression to the RSA Modulus element */
private static final String RSA_KEY_MODULUS_XPATH = DSIG + "Modulus";
/** Xpath expression to the RSA Exponent element */
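Review bot: The Javadoc on `ECDSA_KEY_VALUE_XPATH` names the element `ECKeyValue`, but the expression ends in `ECDSAKeyValue`; the comment should read `/** Xpath expression to the ECDSAKeyValue element */`. The `ECDSA` prefix constant is not defined in the visible hunks, so it presumably exists elsewhere in the class and has to match a prefix bound in `Constants.nSMap`, which the lookups in `getPublicKeys()` now pass. A short comment naming the namespace behind that prefix would make the dependency explicit. The second of the two blank lines added after the constant can be dropped.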
@@ -228,14 +243,15 @@ public class IdentityLinkAssertionParser {
* @return RSAPublicKey[]
* @throws IOException can occur when decoding the base64 values of the modulus and exponent
*/
- public PublicKey[] getPublicKeys() throws IOException{
+ public PublicKey[] getPublicKeys() throws IOException, ECDSAConverterException{
List pubKeys = new ArrayList();
//Try to get RSA-Keys
NodeIterator rsaIter =
- XPathUtils.selectNodeIterator(assertionElem, RSA_KEY_VALUE_XPATH);
+ XPathUtils.selectNodeIterator(assertionElem, Constants.nSMap, RSA_KEY_VALUE_XPATH);
Element rsaElem;
+
while ((rsaElem = (Element) rsaIter.nextNode()) != null) {
String modulus =
XPathUtils.getElementValue(rsaElem, RSA_KEY_MODULUS_XPATH, "");
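Review bot: The Javadoc above `getPublicKeys()` is stale after this signature change: it still says `@return RSAPublicKey[]` and documents only `IOException`, while the method now also declares `ECDSAConverterException` and, per the following hunk, adds ECDSA keys to the result. Suggested wording is `@return the RSA and ECDSA public keys found in the identity link` plus `@throws ECDSAConverterException if an ECDSAKeyValue element cannot be converted`. Any caller that casts the array elements to an RSA key type would now fail on an ECDSA entry, so the doc should state that the array can hold both kinds. No import for `ECDSAConverterException` is visible in the import hunk; presumably it lives in the same package or is imported outside the shown context. The method body starts in this hunk and continues past its end.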
@@ -246,10 +262,26 @@ public class IdentityLinkAssertionParser {
new iaik.security.rsa.RSAPublicKey(
new BigInteger(1, Base64Utils.decode(modulus, true)),
new BigInteger(1, Base64Utils.decode(exponent, true)));
- pubKeys.add(resPub);}
+ pubKeys.add(resPub);
+ }
+
+ //Try to get ECDSA-Keys
+ NodeIterator ecdsaIter =
+ XPathUtils.selectNodeIterator(assertionElem, Constants.nSMap, ECDSA_KEY_VALUE_XPATH);
+ Element ecdsaElem;
+ PublicKey ecPubKey = null;
+ while ((ecdsaElem = (Element) ecdsaIter.nextNode()) != null) {
+ try {
+ ecPubKey = ECDSAKeyValueConverter.element2ECDSAPublicKey(ecdsaElem);
+ pubKeys.add(ecPubKey);
+ }
+ catch(Exception e) {
+ //TODO test
+ throw new ECDSAConverterException("parser.03", new Object[] { e.toString() }, e);
+ }
+ }
PublicKey[] result = new PublicKey[pubKeys.size()];
-
pubKeys.toArray(result);
return result;