String algorithm = encryptedData.getEncryptionMethod().getAlgorithm(); if (DatatypeHelper.isEmpty(algorithm)) { String msg = "EncryptedData's EncryptionMethod Algorithm attribute was empty, "
String algorithm = encryptedData.getEncryptionMethod().getAlgorithm(); if (DatatypeHelper.isEmpty(algorithm)) { String msg = "EncryptedData's EncryptionMethod Algorithm attribute was empty, "
Decrypter decrypter = new Decrypter(null, keyResolver, null); SecretKey dkey = (SecretKey) decrypter.decryptKey(key, encryptedAssertion.getEncryptedData(). getEncryptionMethod().getAlgorithm()); Credential shared = SecurityHelper.getSimpleCredential(dkey); decrypter = new Decrypter(new StaticKeyInfoCredentialResolver(shared), null, null);
/** * To get the decrypted assertion. * @param encryptedAssertion encrypted assertion * @param domainName userstore domain name * @return encrypted SAML assertion * @throws SAML2SSOUIAuthenticatorException */ public static Assertion getDecryptedAssertion(EncryptedAssertion encryptedAssertion, String domainName) throws SAML2SSOUIAuthenticatorException { X509Credential credential = getX509CredentialImplForTenant(domainName); try { KeyInfoCredentialResolver keyResolver = new StaticKeyInfoCredentialResolver(credential); EncryptedKey key = encryptedAssertion.getEncryptedData().getKeyInfo().getEncryptedKeys().get(0); Decrypter decrypter = new Decrypter(null, keyResolver, null); SecretKey dkey = (SecretKey) decrypter.decryptKey(key, encryptedAssertion.getEncryptedData(). getEncryptionMethod().getAlgorithm()); Credential shared = SecurityHelper.getSimpleCredential(dkey); decrypter = new Decrypter(new StaticKeyInfoCredentialResolver(shared), null, null); decrypter.setRootInNewDocument(true); return decrypter.decrypt(encryptedAssertion); } catch (DecryptionException e) { throw new SAML2SSOUIAuthenticatorException("Error while decrypting the saml response.", e); } }
/** * Get Decrypted Assertion * * @param encryptedAssertion * @return * @throws Exception */ protected Assertion getDecryptedAssertion(EncryptedAssertion encryptedAssertion) throws SSOAgentException { try { KeyInfoCredentialResolver keyResolver = new StaticKeyInfoCredentialResolver( new X509CredentialImpl(ssoAgentConfig.getSAML2().getSSOAgentX509Credential())); EncryptedKey key = encryptedAssertion.getEncryptedData(). getKeyInfo().getEncryptedKeys().get(0); Decrypter decrypter = new Decrypter(null, keyResolver, null); SecretKey dkey = (SecretKey) decrypter.decryptKey(key, encryptedAssertion.getEncryptedData(). getEncryptionMethod().getAlgorithm()); Credential shared = SecurityHelper.getSimpleCredential(dkey); decrypter = new Decrypter(new StaticKeyInfoCredentialResolver(shared), null, null); decrypter.setRootInNewDocument(true); return decrypter.decrypt(encryptedAssertion); } catch (Exception e) { throw new SSOAgentException("Decrypted assertion error", e); } }
/** * Get Decrypted Assertion * * @param encryptedAssertion * @return * @throws Exception */ protected Assertion getDecryptedAssertion(EncryptedAssertion encryptedAssertion) throws SSOAgentException { try { KeyInfoCredentialResolver keyResolver = new StaticKeyInfoCredentialResolver( new X509CredentialImpl(ssoAgentConfig.getSAML2().getSSOAgentX509Credential())); EncryptedKey key = encryptedAssertion.getEncryptedData(). getKeyInfo().getEncryptedKeys().get(0); Decrypter decrypter = new Decrypter(null, keyResolver, null); SecretKey dkey = (SecretKey) decrypter.decryptKey(key, encryptedAssertion.getEncryptedData(). getEncryptionMethod().getAlgorithm()); Credential shared = SecurityHelper.getSimpleCredential(dkey); decrypter = new Decrypter(new StaticKeyInfoCredentialResolver(shared), null, null); decrypter.setRootInNewDocument(true); return decrypter.decrypt(encryptedAssertion); } catch (Exception e) { throw new SSOAgentException("Decrypted assertion error", e); } }