@BeforeMethod
public void setUp() throws ComponentInitializationException {
mdCredResolver = new MetadataCredentialResolver();
mdCredResolver.setKeyInfoCredentialResolver(SAMLTestSupport.buildBasicInlineKeyInfoResolver());
mdCredResolver.initialize();
resolver = new SAMLMetadataEncryptionParametersResolver(mdCredResolver);
config1 = new BasicEncryptionConfiguration();
config2 = new BasicEncryptionConfiguration();
config3 = new BasicEncryptionConfiguration();
// Set these as defaults on the last config in the chain, just so don't have to set in every
// test.
config3.setDataEncryptionAlgorithms(
Arrays.asList(
defaultAES128DataAlgo,
defaultAES192DataAlgo,
defaultAES256DataAlgo,
EncryptionConstants.ALGO_ID_BLOCKCIPHER_TRIPLEDES,
EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128_GCM,
EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES192_GCM,
EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256_GCM));
config3.setKeyTransportEncryptionAlgorithms(
Arrays.asList(
defaultRSAKeyTransportAlgo,
EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15,
EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP11,
EncryptionConstants.ALGO_ID_KEYWRAP_AES128,
EncryptionConstants.ALGO_ID_KEYWRAP_AES192,
EncryptionConstants.ALGO_ID_KEYWRAP_AES256,
EncryptionConstants.ALGO_ID_KEYWRAP_TRIPLEDES));
BasicKeyInfoGeneratorFactory basicFactory1 = new BasicKeyInfoGeneratorFactory();
X509KeyInfoGeneratorFactory x509Factory1 = new X509KeyInfoGeneratorFactory();
defaultKeyTransportKeyInfoGeneratorManager = new NamedKeyInfoGeneratorManager();
defaultKeyTransportKeyInfoGeneratorManager.registerDefaultFactory(basicFactory1);
defaultKeyTransportKeyInfoGeneratorManager.registerDefaultFactory(x509Factory1);
config3.setKeyTransportKeyInfoGeneratorManager(defaultKeyTransportKeyInfoGeneratorManager);
BasicKeyInfoGeneratorFactory basicFactory2 = new BasicKeyInfoGeneratorFactory();
X509KeyInfoGeneratorFactory x509Factory2 = new X509KeyInfoGeneratorFactory();
defaultDataEncryptionKeyInfoGeneratorManager = new NamedKeyInfoGeneratorManager();
defaultDataEncryptionKeyInfoGeneratorManager.registerDefaultFactory(basicFactory2);
defaultDataEncryptionKeyInfoGeneratorManager.registerDefaultFactory(x509Factory2);
config3.setDataKeyInfoGeneratorManager(defaultDataEncryptionKeyInfoGeneratorManager);
configCriterion = new EncryptionConfigurationCriterion(config1, config2, config3);
roleDesc = buildRoleDescriptorSkeleton();
roleDescCriterion = new RoleDescriptorCriterion(roleDesc);
criteriaSet = new CriteriaSet(configCriterion, roleDescCriterion);
}
@Test
public void testKeyInfoGenerationProfile() throws ResolverException {
roleDesc
.getKeyDescriptors()
.add(buildKeyDescriptor(rsaCred1KeyName, UsageType.ENCRYPTION, rsaCred1.getPublicKey()));
resolver.setAutoGenerateDataEncryptionCredential(true);
criteriaSet.add(new KeyInfoGenerationProfileCriterion("testKeyInfoProfile"));
defaultDataEncryptionKeyInfoGeneratorManager.setUseDefaultManager(true);
defaultKeyTransportKeyInfoGeneratorManager.setUseDefaultManager(true);
EncryptionParameters params = resolver.resolveSingle(criteriaSet);
Assert.assertNotNull(params.getDataKeyInfoGenerator());
Assert.assertNotNull(params.getKeyTransportKeyInfoGenerator());
defaultDataEncryptionKeyInfoGeneratorManager.setUseDefaultManager(false);
defaultKeyTransportKeyInfoGeneratorManager.setUseDefaultManager(false);
params = resolver.resolveSingle(criteriaSet);
Assert.assertNull(params.getDataKeyInfoGenerator());
Assert.assertNull(params.getKeyTransportKeyInfoGenerator());
defaultDataEncryptionKeyInfoGeneratorManager.setUseDefaultManager(false);
defaultKeyTransportKeyInfoGeneratorManager.setUseDefaultManager(false);
defaultDataEncryptionKeyInfoGeneratorManager.registerFactory(
"testKeyInfoProfile", new BasicKeyInfoGeneratorFactory());
defaultKeyTransportKeyInfoGeneratorManager.registerFactory(
"testKeyInfoProfile", new BasicKeyInfoGeneratorFactory());
params = resolver.resolveSingle(criteriaSet);
Assert.assertNotNull(params.getDataKeyInfoGenerator());
Assert.assertNotNull(params.getKeyTransportKeyInfoGenerator());
}