/** * Generate a random symmetric encryption key. * * @param encryptionAlgorithmURI the encryption algorithm URI * @return a randomly generated symmetric key * @throws EncryptionException thrown if the key can not be generated based on the specified algorithm URI */ protected SecretKey generateEncryptionKey(String encryptionAlgorithmURI) throws EncryptionException { try { log.debug("Generating random symmetric data encryption key from algorithm URI: {}", encryptionAlgorithmURI); return SecurityHelper.generateSymmetricKey(encryptionAlgorithmURI); } catch (NoSuchAlgorithmException e) { log.error("Could not generate encryption key, algorithm URI was invalid: " + encryptionAlgorithmURI); throw new EncryptionException("Could not generate encryption key, algorithm URI was invalid: " + encryptionAlgorithmURI); } catch (KeyException e) { log.error("Could not generate encryption key from algorithm URI: " + encryptionAlgorithmURI); throw new EncryptionException("Could not generate encryption key from algorithm URI: " + encryptionAlgorithmURI); } }
/** * Generate a random symmetric encryption key. * * @param encryptionAlgorithmURI the encryption algorithm URI * @return a randomly generated symmetric key * @throws EncryptionException thrown if the key can not be generated based on the specified algorithm URI */ protected SecretKey generateEncryptionKey(String encryptionAlgorithmURI) throws EncryptionException { try { log.debug("Generating random symmetric data encryption key from algorithm URI: {}", encryptionAlgorithmURI); return SecurityHelper.generateSymmetricKey(encryptionAlgorithmURI); } catch (NoSuchAlgorithmException e) { log.error("Could not generate encryption key, algorithm URI was invalid: " + encryptionAlgorithmURI); throw new EncryptionException("Could not generate encryption key, algorithm URI was invalid: " + encryptionAlgorithmURI); } catch (KeyException e) { log.error("Could not generate encryption key from algorithm URI: " + encryptionAlgorithmURI); throw new EncryptionException("Could not generate encryption key from algorithm URI: " + encryptionAlgorithmURI); } }
@Override public EncryptedAssertion doEncryptedAssertion(Assertion assertion, X509Credential cred, String alias, String encryptionAlgorithm) throws IdentityException { try { Credential symmetricCredential = SecurityHelper.getSimpleCredential( SecurityHelper.generateSymmetricKey(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256)); EncryptionParameters encParams = new EncryptionParameters(); encParams.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256); encParams.setEncryptionCredential(symmetricCredential); KeyEncryptionParameters keyEncryptionParameters = new KeyEncryptionParameters(); keyEncryptionParameters.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15); keyEncryptionParameters.setEncryptionCredential(cred); Encrypter encrypter = new Encrypter(encParams, keyEncryptionParameters); encrypter.setKeyPlacement(Encrypter.KeyPlacement.INLINE); EncryptedAssertion encrypted = encrypter.encrypt(assertion); return encrypted; } catch (Exception e) { throw IdentityException.error("Error while Encrypting Assertion", e); } } }
@Override public EncryptedAssertion doEncryptedAssertion(Assertion assertion, X509Credential cred, String alias, String encryptionAlgorithm) throws IdentityException { try { Credential symmetricCredential = SecurityHelper.getSimpleCredential( SecurityHelper.generateSymmetricKey(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256)); EncryptionParameters encParams = new EncryptionParameters(); encParams.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256); encParams.setEncryptionCredential(symmetricCredential); KeyEncryptionParameters keyEncryptionParameters = new KeyEncryptionParameters(); keyEncryptionParameters.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15); keyEncryptionParameters.setEncryptionCredential(cred); Encrypter encrypter = new Encrypter(encParams, keyEncryptionParameters); encrypter.setKeyPlacement(Encrypter.KeyPlacement.INLINE); EncryptedAssertion encrypted = encrypter.encrypt(assertion); return encrypted; } catch (Exception e) { throw IdentityException.error("Error while Encrypting Assertion", e); } } }
try { symmetricCredential = SecurityHelper.getSimpleCredential( SecurityHelper.generateSymmetricKey("http://www.w3.org/2001/04/xmlenc#aes256-cbc")); } catch (NoSuchAlgorithmException | KeyException e) { SAML2SSOResponseBuilderException ex =