/**
 * Decrypts an encrypted SAML assertion with a single, statically supplied credential.
 *
 * <p>Decryption only recovers the plaintext; nothing in this method checks the
 * signature, issuer or conditions of the returned assertion. The caller has to
 * validate those before trusting its contents.
 *
 * @param encryptedAssertion   the encrypted assertion to decrypt
 * @param decryptionCredential the credential handed to the key-encryption-key resolver
 * @return the decrypted assertion
 * @throws SamlException if the decrypter reports a {@link DecryptionException}
 */
private static Assertion decryptAssertion(EncryptedAssertion encryptedAssertion, Credential decryptionCredential) {
    // Assuming the OpenSAML Decrypter constructor: the first argument (a resolver for
    // the data-encryption key itself) is left null, so the data key can only come from
    // an EncryptedKey unwrapped with decryptionCredential. Only EncryptedKey elements
    // found by InlineEncryptedKeyResolver are considered.
    final Decrypter assertionDecrypter = new Decrypter(
            null,
            new StaticKeyInfoCredentialResolver(decryptionCredential),
            new InlineEncryptedKeyResolver());

    // NOTE(review): presumably set so the decrypted element becomes the root of its own
    // document, which later signature/ID processing tends to rely on. Confirm.
    assertionDecrypter.setRootInNewDocument(true);

    final Assertion plaintext;
    try {
        plaintext = assertionDecrypter.decrypt(encryptedAssertion);
    } catch (DecryptionException cause) {
        // Keep the cause attached; the message itself carries no key or payload data.
        throw new SamlException("failed to decrypt an assertion", cause);
    }
    return plaintext;
}
} // end of the enclosing class (its declaration is outside this excerpt)
/**
 * Builds the decrypter used for encrypted assertions under the given WS-Federation configuration.
 *
 * <p>The decrypter only unwraps encrypted content. Signature validation of whatever it
 * decrypts is not part of this method and must happen separately.
 *
 * @param config the WS-Federation configuration passed to {@code getEncryptionCredential}
 * @return a decrypter backed by the configured encryption credential
 */
private static Decrypter buildAssertionDecrypter(final WsFederationConfiguration config) {
    // Places in which an EncryptedKey may be looked up, tried in this order by the chain.
    // NOTE(review): assuming OpenSAML semantics, these cover keys inline in KeyInfo, keys
    // that are peers of the EncryptedData, and keys referenced through RetrievalMethod.
    val keyResolvers = new ArrayList<EncryptedKeyResolver>();
    keyResolvers.add(new InlineEncryptedKeyResolver());
    keyResolvers.add(new EncryptedElementTypeEncryptedKeyResolver());
    keyResolvers.add(new SimpleRetrievalMethodEncryptedKeyResolver());
    LOGGER.debug("Built a list of encrypted key resolvers: [{}]", keyResolvers);
    val resolverChain = new ChainingEncryptedKeyResolver(keyResolvers);

    // Only the fact that a credential is being built is logged, never the credential itself.
    LOGGER.debug("Building credential instance to decrypt data");
    val decryptionCredential = getEncryptionCredential(config);

    // A null first argument means no direct data-key resolver: the data key has to be
    // unwrapped from an EncryptedKey with the configured credential.
    val assertionDecrypter = new Decrypter(
            null,
            new StaticKeyInfoCredentialResolver(decryptionCredential),
            resolverChain);
    assertionDecrypter.setRootInNewDocument(true);
    return assertionDecrypter;
}
/**
 * Creates the signature trust engine from the signing wallet of the given configuration.
 *
 * <p>Both resolvers are static and hold exactly the wallet's credentials, so the set of
 * signers the engine can trust is whatever {@code getSigningWallet()} returns.
 * NOTE(review): an explicit-key engine is understood to compare keys directly rather
 * than build a certificate path, so certificate expiry or revocation is presumably not
 * evaluated here. Confirm, and keep the wallet limited to current signing certificates.
 *
 * @param wsFederationConfiguration the ws federation configuration supplying the signing wallet
 * @return the signature trust engine
 */
@SneakyThrows
private static SignatureTrustEngine buildSignatureTrustEngine(final WsFederationConfiguration wsFederationConfiguration) {
    val trustedCredentials = wsFederationConfiguration.getSigningWallet();

    // Debug output is limited to the entity id and the public key of each credential.
    LOGGER.debug("Building signature trust engine based on the following signing certificates:");
    for (val credential : trustedCredentials) {
        LOGGER.debug("Credential entity id [{}] with public key [{}]", credential.getEntityId(), credential.getPublicKey());
    }

    return new ExplicitKeySignatureTrustEngine(
            new StaticCredentialResolver(trustedCredentials),
            new StaticKeyInfoCredentialResolver(trustedCredentials));
}
/**
 * Builds a decrypter around the credential returned by this builder's credential provider.
 *
 * <p>The returned decrypter only unwraps encrypted content; verifying signatures on
 * the decrypted objects is left to the caller.
 *
 * @return a decrypter using the provider's credential and this builder's {@code encryptedKeyResolver}
 */
@Override
public final Decrypter build() {
    final Credential providerCredential = this.credentialProvider.getCredential();
    final KeyInfoCredentialResolver kekResolver = new StaticKeyInfoCredentialResolver(providerCredential);

    // A null first argument means no direct data-key resolver is configured; the data key
    // is expected to come from an EncryptedKey unwrapped through kekResolver.
    final Decrypter built = new Decrypter(null, kekResolver, encryptedKeyResolver);
    built.setRootInNewDocument(true);
    return built;
}
} // end of the enclosing class (its declaration is outside this excerpt)
/**
 * Builds the decrypter used for encrypted assertions under the given WS-Federation configuration.
 *
 * <p>The decrypter only unwraps encrypted content. Signature validation of whatever it
 * decrypts is not part of this method and must happen separately.
 *
 * @param config the WS-Federation configuration passed to {@code getEncryptionCredential}
 * @return a decrypter backed by the configured encryption credential
 */
private Decrypter buildAssertionDecrypter(final WsFederationConfiguration config) {
    // Places in which an EncryptedKey may be looked up, tried in this order by the chain.
    // NOTE(review): assuming OpenSAML semantics, these cover keys inline in KeyInfo, keys
    // that are peers of the EncryptedData, and keys referenced through RetrievalMethod.
    final List<EncryptedKeyResolver> keyResolvers = new ArrayList<>();
    keyResolvers.add(new InlineEncryptedKeyResolver());
    keyResolvers.add(new EncryptedElementTypeEncryptedKeyResolver());
    keyResolvers.add(new SimpleRetrievalMethodEncryptedKeyResolver());
    LOGGER.debug("Built a list of encrypted key resolvers: {}", keyResolvers);
    final ChainingEncryptedKeyResolver resolverChain = new ChainingEncryptedKeyResolver(keyResolvers);

    // Only the fact that a credential is being built is logged, never the credential itself.
    LOGGER.debug("Building credential instance to decrypt data");
    final Credential decryptionCredential = getEncryptionCredential(config);
    final KeyInfoCredentialResolver kekResolver = new StaticKeyInfoCredentialResolver(decryptionCredential);

    // A null first argument means no direct data-key resolver: the data key has to be
    // unwrapped from an EncryptedKey with the configured credential.
    final Decrypter assertionDecrypter = new Decrypter(null, kekResolver, resolverChain);
    assertionDecrypter.setRootInNewDocument(true);
    return assertionDecrypter;
}
} // end of the enclosing class (its declaration is outside this excerpt)
/**
 * Creates a decrypter for the given key.
 *
 * <p>The credential is obtained through {@code getCredential} and
 * {@code getCredentialsResolver}; it is the only credential the returned decrypter can
 * use to unwrap encrypted keys. Signature checks on the decrypted content are not done
 * here.
 *
 * @param key the key whose credential backs the decrypter
 * @return a decrypter using that credential and this object's {@code encryptedKeyResolver}
 */
protected Decrypter getDecrypter(SimpleKey key) {
    Credential keyCredential = getCredential(key, getCredentialsResolver(key));
    KeyInfoCredentialResolver kekResolver = new StaticKeyInfoCredentialResolver(keyCredential);

    // A null first argument means no direct data-key resolver is configured; the data key
    // is expected to come from an EncryptedKey unwrapped through kekResolver.
    Decrypter built = new Decrypter(null, kekResolver, encryptedKeyResolver);
    built.setRootInNewDocument(true);
    return built;
}
/**
 * Creates the signature trust engine from the configured signing certificates.
 *
 * <p>Both resolvers are static and are filled from {@code getSigningCertificates()}, so
 * that list is the complete set of signers the engine can trust.
 * NOTE(review): an explicit-key engine is understood to compare keys directly rather
 * than build a certificate path, so certificate expiry or revocation is presumably not
 * evaluated here. Confirm, and keep the list limited to current signing certificates.
 *
 * @param wsFederationConfiguration the ws federation configuration supplying the signing certificates
 * @return the signature trust engine
 * @throws RuntimeException wrapping any exception raised while building the engine
 */
private SignatureTrustEngine buildSignatureTrustEngine(final WsFederationConfiguration wsFederationConfiguration) {
    try {
        // The getter is invoked once per resolver, exactly as before.
        final CredentialResolver trustedCredentials =
                new StaticCredentialResolver(wsFederationConfiguration.getSigningCertificates());
        final KeyInfoCredentialResolver keyInfoCredentials =
                new StaticKeyInfoCredentialResolver(wsFederationConfiguration.getSigningCertificates());
        return new ExplicitKeySignatureTrustEngine(trustedCredentials, keyInfoCredentials);
    } catch (final Exception failure) {
        // Any failure is rethrown unchecked with the cause preserved.
        throw new RuntimeException(failure);
    }
}
EncryptedAssertion encryptedAssertion) throws SSOException { try { KeyInfoCredentialResolver keyResolver = new StaticKeyInfoCredentialResolver( new X509CredentialImplementation(ssoAgentX509Credential)); decrypter = new Decrypter(new StaticKeyInfoCredentialResolver(shared), null, null); decrypter.setRootInNewDocument(true);
/**
 * Decrypts an encrypted SAML assertion with a single, statically supplied credential.
 *
 * <p>Decryption only recovers the plaintext; nothing in this method checks the
 * signature, issuer or conditions of the returned assertion. The caller has to
 * validate those before trusting its contents.
 *
 * @param encryptedAssertion   the encrypted assertion to decrypt
 * @param decryptionCredential the credential handed to the key-encryption-key resolver
 * @return the decrypted assertion
 * @throws SamlException if the decrypter reports a {@link DecryptionException}
 */
private static Assertion decryptAssertion(EncryptedAssertion encryptedAssertion, Credential decryptionCredential) {
    // Assuming the OpenSAML Decrypter constructor: the first argument (a resolver for
    // the data-encryption key itself) is left null, so the data key can only come from
    // an EncryptedKey unwrapped with decryptionCredential. Only EncryptedKey elements
    // found by InlineEncryptedKeyResolver are considered.
    final Decrypter assertionDecrypter = new Decrypter(
            null,
            new StaticKeyInfoCredentialResolver(decryptionCredential),
            new InlineEncryptedKeyResolver());

    // NOTE(review): presumably set so the decrypted element becomes the root of its own
    // document, which later signature/ID processing tends to rely on. Confirm.
    assertionDecrypter.setRootInNewDocument(true);

    final Assertion plaintext;
    try {
        plaintext = assertionDecrypter.decrypt(encryptedAssertion);
    } catch (DecryptionException cause) {
        // Keep the cause attached; the message itself carries no key or payload data.
        throw new SamlException("failed to decrypt an assertion", cause);
    }
    return plaintext;
}
} // end of the enclosing class (its declaration is outside this excerpt)
// Excerpt from a larger method: `c`, `resolver` and `validationParams` are declared
// outside the visible lines.
// KeyInfo credential resolver backed only by the statically supplied `c`.
val keyResolver = new StaticKeyInfoCredentialResolver(c);
// Trust engine built from the two static resolvers.
// NOTE(review): explicit-key trust is understood to match keys directly rather than
// validate a certificate chain, so `c` and `resolver` should hold only currently
// trusted signing credentials. Confirm against the surrounding method.
val trustEngine = new ExplicitKeySignatureTrustEngine(resolver, keyResolver);
// Installs the engine on the validation parameters.
validationParams.setSignatureTrustEngine(trustEngine);