[SIDP-224] - Add version information in library JAR manifest and provide command line tool to view it
[SIDP-225] - Credential theft vulnerability in login.jsp
[SIDP-226] - Cross site scripting vulnerability
-[SIDP-227] - Default relying-party.xml has SAML2-specific security policy rules included in SAML 1 security policies
\ No newline at end of file
+[SIDP-227] - Default relying-party.xml has SAML2-specific security policy rules included in SAML 1 security policies
+[SIDP-228] - Improve error reporting in SAML 2 profile handlers when no encryption key is resolveable for the peer entity ID
\ No newline at end of file
EncryptionParameters dataEncParams = SecurityHelper
.buildDataEncryptionParams(null, securityConfiguration, null);
- Credential keyEncryptionCredentials = getKeyEncryptionCredential(peerEntityId);
+ Credential keyEncryptionCredential = getKeyEncryptionCredential(peerEntityId);
+ if (keyEncryptionCredential == null) {
+ log.error("Could not resolve a key encryption credential for peer entity: {}", peerEntityId);
+ throw new SecurityException("Could not resolve key encryption credential");
+ }
String wrappedJCAKeyAlgorithm = SecurityHelper.getKeyAlgorithmFromURI(dataEncParams.getAlgorithm());
- KeyEncryptionParameters keyEncParams = SecurityHelper.buildKeyEncryptionParams(keyEncryptionCredentials,
+ KeyEncryptionParameters keyEncParams = SecurityHelper.buildKeyEncryptionParams(keyEncryptionCredential,
wrappedJCAKeyAlgorithm, securityConfiguration, null, null);
Encrypter encrypter = new Encrypter(dataEncParams, keyEncParams);
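Review bot: The new `log.error(...)` call inside the `if (keyEncryptionCredential == null)` branch writes `peerEntityId` verbatim. If that value comes from the inbound message rather than from trusted metadata (not visible in this hunk), the log layout should neutralise CR/LF so a crafted entity ID cannot forge log entries. The check itself fails closed, which is the right behaviour, and I would document that with a comment such as `// Fail closed: without a key encryption credential for the peer, no Encrypter can be built.` The guard could also move above the `SecurityHelper.buildDataEncryptionParams(...)` call so the method returns before any encryption setup. The enclosing method starts and ends outside the hunk, so it is worth confirming that callers log or map the `SecurityException` rather than swallow it.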