/**
 * Verifies that algorithm lists set on {@code config2} take effect over the defaults that
 * {@code setUp()} installs on {@code config3}.
 *
 * <p>The peer's role descriptor advertises one RSA encryption key. {@code config2} is then
 * restricted to a single data encryption algorithm (AES-256) and a single key transport
 * algorithm (RSA 1.5). The resolved parameters must carry exactly those two algorithms, the
 * peer's RSA public key as the key transport credential, a key transport KeyInfo generator, and
 * no data encryption credential or data KeyInfo generator.
 *
 * <p>NOTE(review): RSA 1.5 key transport (PKCS#1 v1.5 padding) is the legacy option and is
 * generally avoided in favour of RSA-OAEP because of padding-oracle exposure. It is used here only
 * because it differs from the default, so a pass proves the override was honoured; it is not a
 * recommended setting.
 *
 * @throws ResolverException if parameter resolution fails
 */
@Test
public void testWithAlgorithmOverrides() throws ResolverException {
  final String overrideDataAlgo = EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256;
  final String overrideKeyTransportAlgo = EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15;

  // Publish the peer's RSA key in metadata as an encryption-use key.
  roleDesc
      .getKeyDescriptors()
      .add(buildKeyDescriptor(rsaCred1KeyName, UsageType.ENCRYPTION, rsaCred1.getPublicKey()));

  // Narrow the middle configuration in the chain to one algorithm of each kind.
  config2.setDataEncryptionAlgorithms(Collections.singletonList(overrideDataAlgo));
  config2.setKeyTransportEncryptionAlgorithms(
      Collections.singletonList(overrideKeyTransportAlgo));

  final EncryptionParameters resolved = resolver.resolveSingle(criteriaSet);

  Assert.assertNotNull(resolved);

  // Key transport side: peer key, overridden algorithm, and a generator must be present.
  Assert.assertEquals(
      resolved.getKeyTransportEncryptionCredential().getPublicKey(), rsaCred1.getPublicKey());
  Assert.assertEquals(resolved.getKeyTransportEncryptionAlgorithm(), overrideKeyTransportAlgo);
  Assert.assertNotNull(resolved.getKeyTransportKeyInfoGenerator());

  // Data encryption side: only the overridden algorithm is set; no credential or generator.
  Assert.assertNull(resolved.getDataEncryptionCredential());
  Assert.assertEquals(resolved.getDataEncryptionAlgorithm(), overrideDataAlgo);
  Assert.assertNull(resolved.getDataKeyInfoGenerator());
}
/**
 * Verifies that the resolver returns {@code null} when no key transport algorithm is configured.
 *
 * <p>The peer still advertises a usable RSA encryption key, but the key transport algorithm list
 * on {@code config3} (the only configuration that {@code setUp()} populates) is replaced with an
 * empty list. The expected outcome is no parameters at all, not a partially populated result, so a
 * caller cannot go on to encrypt with an unconfigured key transport algorithm.
 *
 * @throws ResolverException if parameter resolution fails
 */
@Test
public void testNoKeyTransportAlgorithms() throws ResolverException {
  // Publish the peer's RSA key in metadata as an encryption-use key.
  roleDesc
      .getKeyDescriptors()
      .add(buildKeyDescriptor(rsaCred1KeyName, UsageType.ENCRYPTION, rsaCred1.getPublicKey()));

  // Wipe the defaults: nothing in the chain now offers a key transport algorithm.
  final ArrayList<String> noKeyTransportAlgorithms = new ArrayList<String>();
  config3.setKeyTransportEncryptionAlgorithms(noKeyTransportAlgorithms);

  final EncryptionParameters resolved = resolver.resolveSingle(criteriaSet);

  Assert.assertNull(resolved);
}
/**
 * Builds the fixture shared by every test: a metadata-backed credential resolver, the encryption
 * parameters resolver under test, a three-element configuration chain, and the criteria set
 * passed to the resolver.
 *
 * <p>{@code config1} and {@code config2} start empty. {@code config3}, the last element of the
 * chain, receives default algorithm lists and KeyInfo generator managers so that individual tests
 * only need to set what they want to vary.
 *
 * <p>NOTE(review): the default lists deliberately include legacy algorithms (Triple DES, RSA 1.5)
 * alongside the AES-GCM and RSA-OAEP entries so the tests can cover them. Treat them as test
 * coverage data, not as a recommended deployment configuration.
 *
 * @throws ComponentInitializationException if the metadata credential resolver fails to initialize
 */
@BeforeMethod
public void setUp() throws ComponentInitializationException {
  // Credential resolver that extracts keys from inline KeyInfo in SAML metadata.
  mdCredResolver = new MetadataCredentialResolver();
  mdCredResolver.setKeyInfoCredentialResolver(SAMLTestSupport.buildBasicInlineKeyInfoResolver());
  mdCredResolver.initialize();

  resolver = new SAMLMetadataEncryptionParametersResolver(mdCredResolver);

  config1 = new BasicEncryptionConfiguration();
  config2 = new BasicEncryptionConfiguration();
  config3 = new BasicEncryptionConfiguration();

  // Defaults live on the final configuration in the chain so each test does not have to repeat
  // them.
  config3.setDataEncryptionAlgorithms(
      Arrays.asList(
          defaultAES128DataAlgo,
          defaultAES192DataAlgo,
          defaultAES256DataAlgo,
          EncryptionConstants.ALGO_ID_BLOCKCIPHER_TRIPLEDES,
          EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128_GCM,
          EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES192_GCM,
          EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256_GCM));
  config3.setKeyTransportEncryptionAlgorithms(
      Arrays.asList(
          defaultRSAKeyTransportAlgo,
          EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15,
          EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP11,
          EncryptionConstants.ALGO_ID_KEYWRAP_AES128,
          EncryptionConstants.ALGO_ID_KEYWRAP_AES192,
          EncryptionConstants.ALGO_ID_KEYWRAP_AES256,
          EncryptionConstants.ALGO_ID_KEYWRAP_TRIPLEDES));

  // KeyInfo generators for the key transport side: basic factory first, then X.509.
  BasicKeyInfoGeneratorFactory keyTransportBasicFactory = new BasicKeyInfoGeneratorFactory();
  X509KeyInfoGeneratorFactory keyTransportX509Factory = new X509KeyInfoGeneratorFactory();
  defaultKeyTransportKeyInfoGeneratorManager = new NamedKeyInfoGeneratorManager();
  defaultKeyTransportKeyInfoGeneratorManager.registerDefaultFactory(keyTransportBasicFactory);
  defaultKeyTransportKeyInfoGeneratorManager.registerDefaultFactory(keyTransportX509Factory);
  config3.setKeyTransportKeyInfoGeneratorManager(defaultKeyTransportKeyInfoGeneratorManager);

  // A separate manager, with its own factory instances, for the data encryption side.
  BasicKeyInfoGeneratorFactory dataBasicFactory = new BasicKeyInfoGeneratorFactory();
  X509KeyInfoGeneratorFactory dataX509Factory = new X509KeyInfoGeneratorFactory();
  defaultDataEncryptionKeyInfoGeneratorManager = new NamedKeyInfoGeneratorManager();
  defaultDataEncryptionKeyInfoGeneratorManager.registerDefaultFactory(dataBasicFactory);
  defaultDataEncryptionKeyInfoGeneratorManager.registerDefaultFactory(dataX509Factory);
  config3.setDataKeyInfoGeneratorManager(defaultDataEncryptionKeyInfoGeneratorManager);

  // Chain order matters to the tests: config1, then config2, then the defaults in config3.
  configCriterion = new EncryptionConfigurationCriterion(config1, config2, config3);

  // The peer's role descriptor starts as a skeleton; tests add key descriptors to it.
  roleDesc = buildRoleDescriptorSkeleton();
  roleDescCriterion = new RoleDescriptorCriterion(roleDesc);

  criteriaSet = new CriteriaSet(configCriterion, roleDescCriterion);
}