Question

I've recently tried to encrypt a SAML2 assertion using the relying-party service's public key. Unfortunately, I can't finalise even the test phase.

Here is my code:

    import java.io.DataInputStream;
    import java.io.File;
    import java.io.FileInputStream;
    import java.io.IOException;
    import java.io.InputStream;
    import java.security.KeyException;
    import java.security.cert.Certificate;
    import java.security.cert.CertificateException;
    import java.security.cert.CertificateFactory;

    import javax.xml.stream.XMLStreamException;

    import org.apache.axiom.om.OMElement;
    import org.apache.axiom.om.impl.builder.StAXOMBuilder;
    import org.apache.axiom.om.impl.dom.DOOMAbstractFactory;
    import org.opensaml.saml2.core.Assertion;
    import org.opensaml.saml2.core.EncryptedAssertion;
    import org.opensaml.saml2.encryption.Encrypter;
    import org.opensaml.saml2.encryption.Encrypter.KeyPlacement;
    import org.opensaml.xml.Configuration;
    import org.opensaml.xml.encryption.EncryptionConstants;
    import org.opensaml.xml.encryption.EncryptionException;
    import org.opensaml.xml.encryption.EncryptionParameters;
    import org.opensaml.xml.encryption.KeyEncryptionParameters;
    import org.opensaml.xml.io.Unmarshaller;
    import org.opensaml.xml.io.UnmarshallerFactory;
    import org.opensaml.xml.security.credential.Credential;
    import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory;
    import org.opensaml.xml.security.x509.BasicX509Credential;
    import org.w3c.dom.Element;

    public class EncryptionTest {

        public static void main(String args[]) {
            try {
                // The Assertion to be encrypted
                File f = new File("src/main/resources/AssertionTest");
                byte[] buffer = new byte[(int) f.length()];
                DataInputStream in = new DataInputStream(new FileInputStream(f));
                in.readFully(buffer);
                in.close();

                //Assertion = DataInputStream.readUTF(in);
                String in_assert = new String(buffer);

                System.out.println(in_assert);

                OMElement OMElementAssertion = org.apache.axiom.om.util.AXIOMUtil.stringToOM(in_assert);
                Assertion assertion = convertOMElementToAssertion2(OMElementAssertion);

                // Assume this contains a recipient's RSA public key
                Credential keyEncryptionCredential;

                keyEncryptionCredential = getCredentialFromFilePath("src/main/resources/cert.pem");

                // Data encryption: AES-128 for the assertion itself
                EncryptionParameters encParams = new EncryptionParameters();
                encParams.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);

                // Key encryption: the AES key is wrapped with the recipient's RSA key (RSA-OAEP)
                KeyEncryptionParameters kekParams = new KeyEncryptionParameters();
                kekParams.setEncryptionCredential(keyEncryptionCredential);
                kekParams.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP);
                // The NullPointerException described below is thrown in this statement
                KeyInfoGeneratorFactory kigf =
                    Configuration.getGlobalSecurityConfiguration()
                    .getKeyInfoGeneratorManager().getDefaultManager()
                    .getFactory(keyEncryptionCredential);
                kekParams.setKeyInfoGenerator(kigf.newInstance());

                Encrypter samlEncrypter = new Encrypter(encParams, kekParams);
                samlEncrypter.setKeyPlacement(KeyPlacement.PEER);

                EncryptedAssertion encryptedAssertion = samlEncrypter.encrypt(assertion);

                System.out.println(encryptedAssertion);

            } catch (EncryptionException e) {
                e.printStackTrace();
            } catch (CertificateException e1) {
                e1.printStackTrace();
            } catch (KeyException e1) {
                e1.printStackTrace();
            } catch (IOException e1) {
                e1.printStackTrace();
            } catch (XMLStreamException e2) {
                e2.printStackTrace();
            }
        }

        // Loads an X.509 certificate from a file and wraps it in a credential without a private key
        public static Credential getCredentialFromFilePath(String certPath) throws IOException, CertificateException, KeyException {
            InputStream inStream = new FileInputStream(certPath);
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            Certificate cert = cf.generateCertificate(inStream);
            inStream.close();

            //"Show yourself!"
            System.out.println(cert.toString());

            BasicX509Credential cred = new BasicX509Credential();
            cred.setEntityCertificate((java.security.cert.X509Certificate) cert);
            cred.setPrivateKey(null);

            //System.out.println(cred.toString());

            return cred;

            //return (Credential) org.opensaml.xml.security.SecurityHelper.getSimpleCredential( (X509Certificate) cert, privatekey);
        }

        // Converts an Axiom OMElement into a DOM element and unmarshalls it into an OpenSAML Assertion
        public static Assertion convertOMElementToAssertion2(OMElement element) {

            Element assertionSAMLDOOM = (Element) new StAXOMBuilder(DOOMAbstractFactory.getOMFactory(), element.getXMLStreamReader()).getDocumentElement();
            try {
                UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
                Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(Assertion.DEFAULT_ELEMENT_NAME);

                return (Assertion) unmarshaller.unmarshall(assertionSAMLDOOM);
            } catch (Exception e1) {
                System.out.println("error: " + e1.toString());
            }
            return null;
        }
    }

I constantly receive a null pointer exception in

    KeyInfoGeneratorFactory kigf =
        Configuration.getGlobalSecurityConfiguration()
        .getKeyInfoGeneratorManager().getDefaultManager()
        .getFactory(keyEncryptionCredential);
    kekParams.setKeyInfoGenerator(kigf.newInstance());

How can I set the GlobalSecurityConfiguration, or is there a different approach to encrypting the Assertion which will work?

Solution

This question was lying open for too long. The problem was the initialization of OpenSAML. A simple

    DefaultBootstrap.bootstrap();

helped and solved the problem.
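The fix in context, as an added example that is not part of the original question or answer: it calls `DefaultBootstrap.bootstrap()` before touching the global security configuration, fails with a clear message instead of a `NullPointerException` if that step was skipped, and marshals the result to XML. It assumes OpenSAML 2.x on the classpath; the class name `EncryptAssertionExample`, the throwaway RSA key pair standing in for the relying party's key, and the minimal assertion are constructed for illustration.

```java
import java.security.KeyPairGenerator;
import org.joda.time.DateTime;
import org.opensaml.DefaultBootstrap;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.EncryptedAssertion;
import org.opensaml.saml2.encryption.Encrypter;
import org.opensaml.xml.Configuration;
import org.opensaml.xml.encryption.EncryptionConstants;
import org.opensaml.xml.encryption.EncryptionParameters;
import org.opensaml.xml.encryption.KeyEncryptionParameters;
import org.opensaml.xml.security.SecurityConfiguration;
import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.util.XMLHelper;

public class EncryptAssertionExample {
    static EncryptedAssertion encrypt(Assertion assertion, Credential recipient) throws Exception {
        // Null until DefaultBootstrap.bootstrap() has run: the source of the NPE in the question.
        SecurityConfiguration secConfig = Configuration.getGlobalSecurityConfiguration();
        if (secConfig == null) {
            throw new IllegalStateException("OpenSAML not initialized; call DefaultBootstrap.bootstrap() first");
        }
        EncryptionParameters encParams = new EncryptionParameters();
        encParams.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);
        KeyEncryptionParameters kekParams = new KeyEncryptionParameters();
        kekParams.setEncryptionCredential(recipient);
        kekParams.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP);
        kekParams.setKeyInfoGenerator(secConfig.getKeyInfoGeneratorManager()
                .getDefaultManager().getFactory(recipient).newInstance());
        Encrypter encrypter = new Encrypter(encParams, kekParams);
        encrypter.setKeyPlacement(Encrypter.KeyPlacement.PEER);
        return encrypter.encrypt(assertion);
    }

    public static void main(String[] args) throws Exception {
        DefaultBootstrap.bootstrap(); // once, before any other OpenSAML call
        // Constructed inputs: a throwaway RSA public key and a minimal assertion.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        Credential recipient = SecurityHelper.getSimpleCredential(kpg.generateKeyPair().getPublic(), null);
        Assertion assertion = (Assertion) Configuration.getBuilderFactory()
                .getBuilder(Assertion.DEFAULT_ELEMENT_NAME).buildObject(Assertion.DEFAULT_ELEMENT_NAME);
        assertion.setID("_constructed-example-id");
        assertion.setIssueInstant(new DateTime());
        EncryptedAssertion enc = encrypt(assertion, recipient);
        // Marshal to DOM to get XML; println(enc) alone would not print the XML.
        System.out.println(XMLHelper.nodeToString(
                Configuration.getMarshallerFactory().getMarshaller(enc).marshall(enc)));
    }
}
```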

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow