Class X509KeyInfoGeneratorFactory

  • All Implemented Interfaces:
    org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorFactory

    public class X509KeyInfoGeneratorFactory
    extends BasicKeyInfoGeneratorFactory
    A factory implementation which produces instances of KeyInfoGenerator capable of handling the information contained within an X509Credential. All boolean options default to false. The default implementation of X500DNHandler used is InternalX500DNHandler. The default output format for subject and issuer DNs is RFC2253. The default set of subject alternative names to process is empty.
    • Constructor Detail

      • X509KeyInfoGeneratorFactory

        public X509KeyInfoGeneratorFactory()
        Constructor.
    • Method Detail

      • getCredentialType

        @Nonnull
        public Class<? extends org.opensaml.security.credential.Credential> getCredentialType()
        Specified by:
        getCredentialType in interface org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorFactory
        Overrides:
        getCredentialType in class BasicKeyInfoGeneratorFactory
      • handles

        public boolean handles(@Nonnull org.opensaml.security.credential.Credential credential)
        Specified by:
        handles in interface org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorFactory
        Overrides:
        handles in class BasicKeyInfoGeneratorFactory
      • newInstance

        @Nonnull
        public org.opensaml.xmlsec.keyinfo.KeyInfoGenerator newInstance()
        Specified by:
        newInstance in interface org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorFactory
        Overrides:
        newInstance in class BasicKeyInfoGeneratorFactory
      • emitCRLs

        public boolean emitCRLs()
        Get the option to emit the CRL list as a sequence of X509CRL elements within X509Data.
        Returns:
        the option value
      • setEmitCRLs

        public void setEmitCRLs(boolean newValue)
        Set the option to emit the CRL list as a sequence of X509CRL elements within X509Data.
        Parameters:
        newValue - the new option value
      • emitEntityCertificate

        public boolean emitEntityCertificate()
        Get the option to emit the entity certificate as an X509Certificate element within X509Data.
        Returns:
        the option value
      • setEmitEntityCertificate

        public void setEmitEntityCertificate(boolean newValue)
        Set the option to emit the entity certificate as an X509Certificate element within X509Data.
        Parameters:
        newValue - the new option value
      • emitEntityCertificateChain

        public boolean emitEntityCertificateChain()
        Get the option to emit the entity certificate chain as a sequence of X509Certificate elements within X509Data.
        Returns:
        the option value
      • setEmitEntityCertificateChain

        public void setEmitEntityCertificateChain(boolean newValue)
        Set the option to emit the entity certificate chain as a sequence of X509Certificate elements within X509Data.
        Parameters:
        newValue - the new option value
      • emitSubjectAltNamesAsKeyNames

        public boolean emitSubjectAltNamesAsKeyNames()
        Get the option to emit the entity certificate subject alternative name extension values as KeyName elements.
        Returns:
        the option value
      • setEmitSubjectAltNamesAsKeyNames

        public void setEmitSubjectAltNamesAsKeyNames(boolean newValue)
        Set the option to emit the entity certificate subject alternative name extension values as KeyName elements.
        Parameters:
        newValue - the new option value
      • emitSubjectCNAsKeyName

        public boolean emitSubjectCNAsKeyName()
        Get the option to emit the entity certificate subject DN common name (CN) fields as KeyName elements.
        Returns:
        the option value
      • setEmitSubjectCNAsKeyName

        public void setEmitSubjectCNAsKeyName(boolean newValue)
        Set the option to emit the entity certificate subject DN common name (CN) fields as KeyName elements.
        Parameters:
        newValue - the new option value
      • emitSubjectDNAsKeyName

        public boolean emitSubjectDNAsKeyName()
        Get the option to emit the entity certificate subject DN as a KeyName element.
        Returns:
        the option value
      • setEmitSubjectDNAsKeyName

        public void setEmitSubjectDNAsKeyName(boolean newValue)
        Set the option to emit the entity certificate subject DN as a KeyName element.
        Parameters:
        newValue - the new option value
      • emitX509IssuerSerial

        public boolean emitX509IssuerSerial()
        Get the option to emit the entity certificate issuer name and serial number as an X509IssuerSerial element within X509Data.
        Returns:
        the option value
      • setEmitX509IssuerSerial

        public void setEmitX509IssuerSerial(boolean newValue)
        Set the option to emit the entity certificate issuer name and serial number as an X509IssuerSerial element within X509Data.
        Parameters:
        newValue - the new option value
      • emitX509SKI

        public boolean emitX509SKI()
        Get the option to emit the entity certificate subject key identifier as an X509SKI element within X509Data.
        Returns:
        the option value
      • setEmitX509SKI

        public void setEmitX509SKI(boolean newValue)
        Set the option to emit the entity certificate subject key identifier as an X509SKI element within X509Data.
        Parameters:
        newValue - the new option value
      • emitX509Digest

        public boolean emitX509Digest()
        Get the option to emit the entity certificate digest as an X509Digest element within X509Data.
        Returns:
        the option value
      • setEmitX509Digest

        public void setEmitX509Digest(boolean newValue)
        Set the option to emit the entity certificate digest as an X509Digest element within X509Data.
        Parameters:
        newValue - the new option value
      • getX509DigestAlgorithmURI

        @Nonnull
        public String getX509DigestAlgorithmURI()
        Get the algorithm URI for X509Digest digests. Defaults to SHA-256.
        Returns:
        the digest algorithm URI
      • setX509DigestAlgorithmURI

        public void setX509DigestAlgorithmURI(@Nonnull String alg)
        Set the algorithm URI for X509Digest digests. Defaults to SHA-256.
        Parameters:
        alg - the new digest algorithm URI
      • emitX509SubjectName

        public boolean emitX509SubjectName()
        Get the option to emit the entity certificate subject DN as an X509SubjectName element within X509Data.
        Returns:
        the option value
      • setEmitX509SubjectName

        public void setEmitX509SubjectName(boolean newValue)
        Set the option to emit the entity certificate subject DN as an X509SubjectName element within X509Data.
        Parameters:
        newValue - the new option value
      • getSubjectAltNames

        @Nonnull
        public Set<Integer> getSubjectAltNames()
        The set of types of subject alternative names to process. Name types are represented using the constant OID tag name values defined in X509Support.
        Returns:
        the modifiable set of alt name identifiers
      • getX500DNHandler

        @Nonnull
        public org.opensaml.security.x509.X500DNHandler getX500DNHandler()
        Get the handler which processes X.500 distinguished names. Defaults to InternalX500DNHandler.
        Returns:
        the X500DNHandler instance
      • setX500DNHandler

        public void setX500DNHandler(@Nonnull org.opensaml.security.x509.X500DNHandler handler)
        Set the handler which processes X.500 distinguished names. Defaults to InternalX500DNHandler.
        Parameters:
        handler - the new X500DNHandler instance
      • getX500SubjectDNFormat

        @Nullable
        public String getX500SubjectDNFormat()
        Get the output format specifier for X.500 subject names. Defaults to RFC2253 format. The meaning of this format specifier value is dependent upon the implementation of X500DNHandler which is used.
        Returns:
        the format specifier
      • setX500SubjectDNFormat

        public void setX500SubjectDNFormat(@Nullable String format)
        Set the output format specifier for X.500 subject names. Defaults to RFC2253 format. The meaning of this format specifier value is dependent upon the implementation of X500DNHandler which is used.
        Parameters:
        format - the new format specifier
      • getX500IssuerDNFormat

        @Nullable
        public String getX500IssuerDNFormat()
        Get the output format specifier for X.500 issuer names. Defaults to RFC2253 format. The meaning of this format specifier value is dependent upon the implementation of X500DNHandler which is used.
        Returns:
        the format specifier
      • setX500IssuerDNFormat

        public void setX500IssuerDNFormat(@Nullable String format)
        Set the output format specifier for X.500 issuer names. Defaults to RFC2253 format. The meaning of this format specifier value is dependent upon the implementation of X500DNHandler which is used.
        Parameters:
        format - the new format specifier
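
Because every boolean option defaults to false and the subject alternative name set starts empty, a factory left unconfigured emits none of the X509Data or KeyName content described above. The following is an added example, not part of the OpenSAML documentation, that enables a minimal set of options and generates a KeyInfo. It assumes the OpenSAML 3+ package layout (org.opensaml.xmlsec.keyinfo.impl for this class), a hypothetical class name X509KeyInfoExample, and a certificate file path passed as the first argument.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

import org.opensaml.core.config.InitializationService;
import org.opensaml.security.x509.BasicX509Credential;
import org.opensaml.security.x509.X509Support;
import org.opensaml.xmlsec.keyinfo.KeyInfoGenerator;
import org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory; // assumed package
import org.opensaml.xmlsec.signature.KeyInfo;

public class X509KeyInfoExample { // hypothetical class name
    public static void main(String[] args) throws Exception {
        // OpenSAML must be initialized before any XMLObject can be built.
        InitializationService.initialize();

        // args[0] is an assumed path to the entity certificate (PEM or DER).
        X509Certificate cert;
        try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
            cert = (X509Certificate) CertificateFactory.getInstance("X.509")
                    .generateCertificate(in);
        }
        BasicX509Credential credential = new BasicX509Credential(cert);

        X509KeyInfoGeneratorFactory factory = new X509KeyInfoGeneratorFactory();
        // All options start as false: turn on only what the consumer needs.
        factory.setEmitEntityCertificate(true);   // X509Certificate in X509Data
        factory.setEmitX509Digest(true);          // X509Digest, SHA-256 by default
        factory.setEmitX509SubjectName(true);     // subject DN, RFC2253 by default
        // SAN KeyNames need both the flag and at least one name type in the set.
        factory.setEmitSubjectAltNamesAsKeyNames(true);
        factory.getSubjectAltNames().add(X509Support.DNS_ALT_NAME);
        // setEmitEntityCertificateChain and setEmitCRLs stay false, so neither
        // the chain nor any CRLs are written into the KeyInfo.

        if (!factory.handles(credential)) {
            throw new IllegalStateException("Factory does not handle this credential type");
        }
        KeyInfoGenerator generator = factory.newInstance();
        KeyInfo keyInfo = generator.generate(credential);

        System.out.println("X509Data elements: " + keyInfo.getX509Datas().size());
        System.out.println("KeyName elements:  " + keyInfo.getKeyNames().size());
    }
}
```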