Merge branch 'issue-5' into branch-2.5

bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/AttributeQueryHelper.java

@@ -82,7 +82,7 @@ public class AttributeQueryHelper implements Serializable {
 		try {
 			signingCredential = SecurityHelper.getSimpleCredential(
 					cryptoHelper.getCertificate(spEntity.getCertificate()), 
-					cryptoHelper.getKeyPair(spEntity.getPrivateKey()).getPrivate());
+					cryptoHelper.getPrivateKey(spEntity.getPrivateKey()));
 		} catch (IOException e1) {
 			throw new MetadataException("No signing credential for SP " + spEntity.getEntityId(), e1);
 		}

bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/CryptoHelper.java

@@ -14,6 +14,7 @@ import java.io.IOException;
 import java.io.Serializable;
 import java.io.StringReader;
 import java.security.KeyPair;
+import java.security.PrivateKey;
 import java.security.Security;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
@@ -23,6 +24,7 @@ import javax.enterprise.context.ApplicationScoped;
 import javax.inject.Inject;
 import javax.inject.Named;
 
+import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
 import org.bouncycastle.cert.X509CertificateHolder;
 import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
 import org.bouncycastle.openssl.PEMKeyPair;
@@ -60,12 +62,25 @@ public class CryptoHelper implements Serializable {
 		return cert;
 	}
 	
-	public KeyPair getKeyPair(String privateKey) throws IOException {
+	public PrivateKey getPrivateKey(String privateKey) throws IOException {
 		PEMParser pemReader = new PEMParser(new StringReader(privateKey));
-		PEMKeyPair pemPair = (PEMKeyPair) pemReader.readObject();
+		Object o = pemReader.readObject();
 		pemReader.close();
-		KeyPair pair = new JcaPEMKeyConverter().setProvider("BC").getKeyPair(pemPair);
-		return pair;
+
+		if (o instanceof PEMKeyPair) {
+			PEMKeyPair pemPair = (PEMKeyPair) o;
+			KeyPair pair = new JcaPEMKeyConverter().setProvider("BC").getKeyPair(pemPair);
+			return pair.getPrivate();
+		}
+		else if (o instanceof PrivateKeyInfo) {
+			PrivateKeyInfo pki = (PrivateKeyInfo) o;
+			PrivateKey pk = new JcaPEMKeyConverter().setProvider("BC").getPrivateKey(pki);
+			return pk;
+		}
+		else {
+			logger.warn("Cannot load private key of type: {}", o.getClass().getName());
+			return null;
+		}			
 	}
 
 

bwreg-service/src/main/java/edu/kit/scc/webreg/service/saml/impl/Saml2AssertionServiceImpl.java

@@ -11,7 +11,7 @@
 package edu.kit.scc.webreg.service.saml.impl;
 
 import java.io.IOException;
-import java.security.KeyPair;
+import java.security.PrivateKey;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -178,19 +178,19 @@ public class Saml2AssertionServiceImpl implements Saml2AssertionService {
 			String privateKey) throws IOException, DecryptionException, SamlAuthenticationException {
 		logger.debug("Decrypting assertion...");
 		
-		KeyPair keyPair;
+		PrivateKey pk;
 		try {
-			keyPair = cryptoHelper.getKeyPair(privateKey);
+			pk = cryptoHelper.getPrivateKey(privateKey);
 		} catch (IOException e) {
 			throw new SamlAuthenticationException("Private key is not set up properly", e);
 		}
 		
-		if (keyPair == null) {
+		if (pk == null) {
 			throw new SamlAuthenticationException("Private key is not set up properly (is null)");
 		}
 			
 		BasicX509Credential decryptCredential = new BasicX509Credential();
-		decryptCredential.setPrivateKey(keyPair.getPrivate());
+		decryptCredential.setPrivateKey(pk);
 		KeyInfoCredentialResolver keyResolver = new StaticKeyInfoCredentialResolver(decryptCredential);
 		InlineEncryptedKeyResolver encryptionKeyResolver = new InlineEncryptedKeyResolver();
 		Decrypter decrypter = new Decrypter(null, keyResolver, encryptionKeyResolver);
@@ -204,19 +204,19 @@ public class Saml2AssertionServiceImpl implements Saml2AssertionService {
 			String privateKey) throws IOException, DecryptionException, SamlAuthenticationException {
 		logger.debug("Decrypting nameID...");
 		
-		KeyPair keyPair;
+		PrivateKey pk;
 		try {
-			keyPair = cryptoHelper.getKeyPair(privateKey);
+			pk = cryptoHelper.getPrivateKey(privateKey);
 		} catch (IOException e) {
 			throw new SamlAuthenticationException("Private key is not set up properly", e);
 		}
 
-		if (keyPair == null) {
+		if (pk == null) {
 			throw new SamlAuthenticationException("Private key is not set up properly");
 		}
 			
 		BasicX509Credential decryptCredential = new BasicX509Credential();
-		decryptCredential.setPrivateKey(keyPair.getPrivate());
+		decryptCredential.setPrivateKey(pk);
 		KeyInfoCredentialResolver keyResolver = new StaticKeyInfoCredentialResolver(decryptCredential);
 		InlineEncryptedKeyResolver encryptionKeyResolver = new InlineEncryptedKeyResolver();
 		Decrypter decrypter = new Decrypter(null, keyResolver, encryptionKeyResolver);