Class Decrypter


  • public class Decrypter
    extends org.opensaml.xmlsec.encryption.support.Decrypter
    Class which implements SAML2-specific options for EncryptedElementType objects.

    For information on other parameters and options, and general XML Encryption issues, see the superclass org.opensaml.xmlsec.encryption.support.Decrypter.

    • Field Summary

      Fields
      Modifier and Type | Field | Description
      private org.slf4j.Logger | log | Class logger.
    • Constructor Summary

      Constructors 
      Constructor Description
      Decrypter​(org.opensaml.xmlsec.DecryptionParameters params)
      Constructor.
      Decrypter​(org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver newResolver, org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver newKEKResolver, org.opensaml.xmlsec.encryption.support.EncryptedKeyResolver newEncKeyResolver)
      Constructor.
      Decrypter​(org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver newResolver, org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver newKEKResolver, org.opensaml.xmlsec.encryption.support.EncryptedKeyResolver newEncKeyResolver, Collection<String> whitelistAlgos, Collection<String> blacklistAlgos)
      Constructor.
    • Field Detail

      • log

        private final org.slf4j.Logger log
        Class logger.
    • Constructor Detail

      • Decrypter

        public Decrypter​(org.opensaml.xmlsec.DecryptionParameters params)
        Constructor.
        Parameters:
        params - decryption parameters to use
      • Decrypter

        public Decrypter​(@Nullable
                         org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver newResolver,
                         @Nullable
                         org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver newKEKResolver,
                         @Nullable
                         org.opensaml.xmlsec.encryption.support.EncryptedKeyResolver newEncKeyResolver)
        Constructor.
        Parameters:
        newResolver - resolver for data encryption keys.
        newKEKResolver - resolver for key encryption keys.
        newEncKeyResolver - resolver for EncryptedKey elements
      • Decrypter

        public Decrypter​(@Nullable
                         org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver newResolver,
                         @Nullable
                         org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver newKEKResolver,
                         @Nullable
                         org.opensaml.xmlsec.encryption.support.EncryptedKeyResolver newEncKeyResolver,
                         @Nullable
                         Collection<String> whitelistAlgos,
                         @Nullable
                         Collection<String> blacklistAlgos)
        Constructor.
        Parameters:
        newResolver - resolver for data encryption keys.
        newKEKResolver - resolver for key encryption keys.
        newEncKeyResolver - resolver for EncryptedKey elements
        whitelistAlgos - collection of whitelisted algorithm URIs
        blacklistAlgos - collection of blacklisted algorithm URIs
    • Method Detail

      • decrypt

        public Assertion decrypt​(@Nonnull
                                 EncryptedAssertion encryptedAssertion)
                          throws org.opensaml.xmlsec.encryption.support.DecryptionException
        Decrypt the specified EncryptedAssertion.
        Parameters:
        encryptedAssertion - the EncryptedAssertion to decrypt
        Returns:
        an Assertion
        Throws:
        org.opensaml.xmlsec.encryption.support.DecryptionException - thrown when decryption generates an error
      • decrypt

        public Attribute decrypt​(@Nonnull
                                 EncryptedAttribute encryptedAttribute)
                          throws org.opensaml.xmlsec.encryption.support.DecryptionException
        Decrypt the specified EncryptedAttribute.
        Parameters:
        encryptedAttribute - the EncryptedAttribute to decrypt
        Returns:
        an Attribute
        Throws:
        org.opensaml.xmlsec.encryption.support.DecryptionException - thrown when decryption generates an error
      • decrypt

        public SAMLObject decrypt​(@Nonnull
                                  EncryptedID encryptedID)
                           throws org.opensaml.xmlsec.encryption.support.DecryptionException
        Decrypt the specified EncryptedID.

        Note that an EncryptedID can contain a NameID, an Assertion or a BaseID. It is up to the caller to determine the type of the resulting SAMLObject.

        Parameters:
        encryptedID - the EncryptedID to decrypt
        Returns:
        an XMLObject
        Throws:
        org.opensaml.xmlsec.encryption.support.DecryptionException - thrown when decryption generates an error
      • decrypt

        public NewID decrypt​(@Nonnull
                             NewEncryptedID newEncryptedID)
                      throws org.opensaml.xmlsec.encryption.support.DecryptionException
        Decrypt the specified NewEncryptedID.
        Parameters:
        newEncryptedID - the NewEncryptedID to decrypt
        Returns:
        a NewID
        Throws:
        org.opensaml.xmlsec.encryption.support.DecryptionException - thrown when decryption generates an error
      • decryptData

        private SAMLObject decryptData​(@Nonnull
                                       EncryptedElementType encElement)
                                throws org.opensaml.xmlsec.encryption.support.DecryptionException
        Decrypt the specified instance of EncryptedElementType, and return the decrypted content as a SAMLObject.
        Parameters:
        encElement - the EncryptedElementType to decrypt
        Returns:
        the decrypted SAMLObject
        Throws:
        org.opensaml.xmlsec.encryption.support.DecryptionException - thrown when decryption generates an error
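
Added example, not part of the OpenSAML documentation: one way to use the five-argument constructor and the decrypt(EncryptedID) method described above, checking the type of the returned SAMLObject as the note on EncryptedID requires. The class SubjectIdDecryption, its method names, the choice of refused algorithms and the OpenSAML 3/4 package names in the imports are assumptions of this example.

```java
import java.util.List;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.BaseID;
import org.opensaml.saml.saml2.core.EncryptedID;
import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.saml.saml2.encryption.Decrypter;
import org.opensaml.security.credential.Credential;
import org.opensaml.xmlsec.encryption.support.DecryptionException;
import org.opensaml.xmlsec.encryption.support.InlineEncryptedKeyResolver;
import org.opensaml.xmlsec.keyinfo.impl.StaticKeyInfoCredentialResolver;

/** Hypothetical helper for a service provider; not an OpenSAML class. */
public final class SubjectIdDecryption {

    // Algorithm URIs this example refuses (a policy chosen for the example):
    // RSA PKCS#1 v1.5 key transport and the unauthenticated CBC block ciphers.
    private static final List<String> REFUSED_ALGOS = List.of(
        "http://www.w3.org/2001/04/xmlenc#rsa-1_5",
        "http://www.w3.org/2001/04/xmlenc#tripledes-cbc",
        "http://www.w3.org/2001/04/xmlenc#aes128-cbc",
        "http://www.w3.org/2001/04/xmlenc#aes192-cbc",
        "http://www.w3.org/2001/04/xmlenc#aes256-cbc");

    private SubjectIdDecryption() { }

    /** Builds a Decrypter whose key-encryption key is the SP's private-key credential. */
    public static Decrypter newDecrypter(Credential spDecryptionCredential) {
        return new Decrypter(
            null,                                  // newResolver: no pre-shared data key
            new StaticKeyInfoCredentialResolver(spDecryptionCredential), // newKEKResolver
            new InlineEncryptedKeyResolver(),      // EncryptedKey sits inside EncryptedData
            null,                                  // whitelistAlgos: none supplied
            REFUSED_ALGOS);                        // blacklistAlgos
    }

    /** Decrypts an EncryptedID and accepts the result only if it is a NameID. */
    public static NameID decryptNameId(Decrypter decrypter, EncryptedID encryptedId)
            throws DecryptionException {
        SAMLObject plain = decrypter.decrypt(encryptedId);
        if (plain instanceof NameID) {
            return (NameID) plain;
        }
        // The caller asked for a subject identifier; any other payload is rejected.
        String kind = plain instanceof Assertion ? "Assertion"
                    : plain instanceof BaseID ? "BaseID"
                    : plain.getClass().getName();
        throw new DecryptionException("EncryptedID held a " + kind + ", expected NameID");
    }
}
```

Rejecting unexpected payload types at this point keeps later code from casting the result on trust.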