// set keySize
int keySize = data.getKeysize();
keySize = (keySize != -1) ? keySize : config.keySize;
// Create the encrypted key
KeyInfo encryptedKeyInfoElement
= SAMLUtils.getSymmetricKeyBasedKeyInfo(doc, data, serviceCert, keySize,
crypto, config.keyComputation);
return this.createAttributeAssertion(data, encryptedKeyInfoElement, nameIdentifier, config,
crypto, creationTime, expirationTime);
} catch (WSSecurityException e) {
if (serviceCert != null) {
throw new TrustException(
"errorInBuildingTheEncryptedKeyForPrincipal",
new String[]{serviceCert.getSubjectDN().getName()},
e);
} else {
throw new TrustException(
"trustedCertNotFoundForEPR",
new String[]{data.getAppliesToAddress()},
e);
}
}
} else {
try {
/**
* In this case we need to create KeyInfo as follows,
* <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
* <X509Data xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
* xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
* <X509Certificate>
* MIICNTCCAZ6gAwIBAgIES343....
* </X509Certificate>
* </X509Data>
* </KeyInfo>
*/
String subjectNameId = data.getPrincipal().getName();
NameIdentifier nameId = SAMLUtils.createNamedIdentifier(subjectNameId, NameIdentifier.EMAIL);
// Create the ds:KeyValue element with the ds:X509Data
X509Certificate clientCert = data.getClientCert();
if(clientCert == null) {
clientCert = CommonUtil.getCertificateByAlias(crypto,data.getPrincipal().getName());;
}
KeyInfo keyInfo = SAMLUtils.getCertificateBasedKeyInfo(clientCert);
return this.createAuthAssertion(RahasConstants.SAML11_SUBJECT_CONFIRMATION_HOK, nameId, keyInfo,
config, crypto, creationTime, expirationTime, data);
} catch (Exception e) {
throw new TrustException("samlAssertionCreationError", e);