
Merge pull request #3473 from hmlnarik/KEYCLOAK-3215 KEYCLOAK-3215

11/8/2016 7:16:54 AM


diff --git a/saml-core/src/main/java/org/keycloak/saml/processing/core/util/XMLEncryptionUtil.java b/saml-core/src/main/java/org/keycloak/saml/processing/core/util/XMLEncryptionUtil.java
index e767d29..245cff9 100755
--- a/saml-core/src/main/java/org/keycloak/saml/processing/core/util/XMLEncryptionUtil.java
+++ b/saml-core/src/main/java/org/keycloak/saml/processing/core/util/XMLEncryptionUtil.java
@@ -20,12 +20,14 @@ import org.apache.xml.security.encryption.EncryptedData;
 import org.apache.xml.security.encryption.EncryptedKey;
 import org.apache.xml.security.encryption.XMLCipher;
 import org.apache.xml.security.encryption.XMLEncryptionException;
+
 import org.keycloak.saml.common.PicketLinkLogger;
 import org.keycloak.saml.common.PicketLinkLoggerFactory;
 import org.keycloak.saml.common.exceptions.ConfigurationException;
 import org.keycloak.saml.common.exceptions.ProcessingException;
 import org.keycloak.saml.common.util.DocumentUtil;
 import org.keycloak.saml.common.util.StringUtil;
+
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
@@ -37,6 +39,7 @@ import java.security.Key;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.util.HashMap;
+import java.util.Objects;
 
 /**
  * Utility for XML Encryption <b>Note: </b> This utility is currently using Apache XML Security library API. JSR-106 is
@@ -69,6 +72,10 @@ public class XMLEncryptionUtil {
 
     private static HashMap<String, EncryptionAlgorithm> algorithms = new HashMap<String, EncryptionAlgorithm>(4);
 
+    private static final String RSA_ENCRYPTION_SCHEME = Objects.equals(System.getProperty("keycloak.saml.key_trans.rsa_v1.5"), "true")
+      ? XMLCipher.RSA_v1dot5
+      : XMLCipher.RSA_OAEP;
+
     private static class EncryptionAlgorithm {
 
         EncryptionAlgorithm(String jceName, String xmlSecName, int size) {
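Review bot: The new `RSA_ENCRYPTION_SCHEME` constant carries no comment explaining why the default moved to RSA-OAEP and what the `keycloak.saml.key_trans.rsa_v1.5` property is for, so the next maintainer has no way to tell that the v1.5 branch is a legacy-interoperability escape hatch rather than an equivalent choice. I would add above it: `// RSA-OAEP is the default key-transport scheme; PKCS#1 v1.5 key transport is retained only for peers that cannot consume OAEP (Bleichenbacher-style padding-oracle weakness), enabled via -Dkeycloak.saml.key_trans.rsa_v1.5=true`. The same comment should state that the property is read once at class initialisation, since a `static final` field means changing it later in the JVM has no effect. As a point of style, `Boolean.getBoolean("keycloak.saml.key_trans.rsa_v1.5")` expresses the `Objects.equals(System.getProperty(...), "true")` test directly and is the JDK idiom for a boolean system property.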
@@ -514,7 +521,7 @@ public class XMLEncryptionUtil {
             }
         }
         if (publicKeyAlgo.contains("RSA"))
-            return XMLCipher.RSA_v1dot5;
+            return RSA_ENCRYPTION_SCHEME;
         if (publicKeyAlgo.contains("DES"))
             return XMLCipher.TRIPLEDES_KeyWrap;
         throw logger.unsupportedType("unsupported publicKey Algo:" + publicKeyAlgo);
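Review bot: The replaced return changes the algorithm URI that every RSA public key now produces, which is the value written into the EncryptedKey of outgoing messages, so any relying party that only accepts RSA v1.5 key transport will fail to decrypt until the property is set; that interoperability consequence is not mentioned in the commit description and would be worth a sentence there or in the method's Javadoc. The enclosing method begins outside this hunk, so I cannot see whether its Javadoc still describes RSA v1.5 as the returned scheme; if it does, it needs updating to name `RSA_ENCRYPTION_SCHEME` and the property that selects it.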