我正在使用OpenSAML 2.2.0,并且在创建EncryptedAssertion
时遇到问题。调用crypto方法时,将引发NullPointerException
。错误如下:
java.lang.NullPointerException
at org.apache.xml.security.algorithms.JCEMapper.getJCEKeyAlgorithmFromURI(Unknown Source)
at org.opensaml.xml.security.SecurityHelper.getKeyAlgorithmFromURI(SecurityHelper.java:110)
at org.opensaml.xml.security.SecurityHelper.generateSymmetricKey(SecurityHelper.java:168)
at org.opensaml.xml.encryption.Encrypter.generateEncryptionKey(Encrypter.java:644)
at org.opensaml.saml2.encryption.Encrypter.encrypt(Encrypter.java:340)
at org.opensaml.saml2.encryption.Encrypter.encrypt(Encrypter.java:257)
at com.dadco.XMLEncryption.encrypt(XMLEncryption.java:95)
我确实相信我已经将范围缩小到了KeyInfoGeneratorFactory
和Credential
的问题。证书是提供的公共密钥,并且正在根据该证书创建凭据。我已经在下面包含了源代码。我觉得这里缺少一些非常简单的东西。任何帮助都将不胜感激!
public class XMLEncryption {
//INIT FUNCTION;
public XMLEncryption(){
}
//ENCRYPT FUNCTION;
public EncryptedAssertion encrypt(String samlString, String certificatePath) throws Exception {
EncryptedAssertion encryptedAssertion = null;
Encrypter encrypter = null;
Response response = null;
Assertion assertion = null;
Credential credential = null;
Certificate certificate = null;
KeyEncryptionParameters keyEncryptionParameters = null;
EncryptionParameters encryptionParameters = null;
try {
//BOOTSTRAP OPENSAML;
DefaultBootstrap.bootstrap();
//UNMARSHALL THE SAMLSTRING AND CAST TO A RESPONSE OBJECT;
response = (Response) unmarshall(samlString);
assertion = response.getAssertions().get(0);
//SET THE CERTIFICATE TO USE FOR ENCRYPTION;
certificate = readCertificate(certificatePath);
//SET THE CREDENTIAL FROM THE CERTIFICATE;
credential = setCredential(certificate);
//SET THE ENCRYPTION PARAMETERS;
encryptionParameters = new EncryptionParameters();
encryptionParameters.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);
//SET KEY ENCRYPTION PARAMETERS;
keyEncryptionParameters = new KeyEncryptionParameters();
keyEncryptionParameters.setEncryptionCredential(credential);
keyEncryptionParameters.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSA15);
//SET KEY INFO GENERATOR FACTORY;
KeyInfoGeneratorFactory keyInfoGeneratorFactory = Configuration.getGlobalSecurityConfiguration().getKeyInfoGeneratorManager().getDefaultManager().getFactory(credential);
//UPDATE KEY ENCRYPTION PARAMETERS;
keyEncryptionParameters.setKeyInfoGenerator(keyInfoGeneratorFactory.newInstance());
//SET THE ENCRYPTER;
encrypter = new Encrypter(encryptionParameters, keyEncryptionParameters);
encrypter.setKeyPlacement(KeyPlacement.PEER);
//ENCRYPT THE ASSERTION;
encryptedAssertion = encrypter.encrypt(assertion);
}
//CATCH ANY EXCEPTIONS;
catch (Exception e)
{
throw e;
}
return encryptedAssertion;
}
private XMLObject unmarshall(String samlString) throws Exception {
BasicParserPool parser = new BasicParserPool();
parser.setNamespaceAware(true);
StringReader reader = new StringReader(samlString);
Document doc = parser.parse(reader);
Element samlElement = doc.getDocumentElement();
UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(samlElement);
if (unmarshaller == null) {
throw new Exception("Failed to unmarshal");
}
return unmarshaller.unmarshall(samlElement);
}
private Certificate readCertificate(String certificatePath) throws Exception {
FileInputStream fileInputStream = new FileInputStream(certificatePath);
BufferedInputStream bufferedInputStream = new BufferedInputStream(fileInputStream);
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Certificate certificate = certificateFactory.generateCertificate(bufferedInputStream);
return certificate;
}
private Credential setCredential(Certificate certificate) throws Exception {
BasicCredential credential = new BasicCredential();
credential.setPublicKey(certificate.getPublicKey());
credential.setUsageType(UsageType.ENCRYPTION);
return credential;
}
}