org.opensaml.saml2.encryption
Class Encrypter

java.lang.Object
  extended by org.opensaml.xml.encryption.Encrypter
      extended by org.opensaml.saml2.encryption.Encrypter

public class Encrypter
extends Encrypter

Encrypter for SAML 2 SAMLObjects which has specific options for generating instances of subtypes of EncryptedElementType.

Overloaded methods are provided for encrypting various SAML 2 elements to their corresponding encrypted element variant of EncryptedElementType.

Support is also provided for differing placement options for any associated EncryptedKeys that may be generated. The options are:

INLINE - the EncryptedKey elements are placed inside the KeyInfo element within the EncryptedData element.
PEER - the EncryptedKey elements are placed as peers (siblings) of the EncryptedData element within the resulting EncryptedElementType, with forward and back references linking them.

The default placement is PEER.

The EncryptedKey forward and back referencing behavior associated with these key placement options is intended to be consistent with the guidelines detailed in SAML 2 Errata E43. See that document for further information.

For information on other parameters and options, and general XML Encryption issues, see Encrypter.
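An added example, not part of the OpenSAML documentation, showing the PEER placement described above as a full round trip: the issuing side wraps a fresh AES content key for the recipient with RSA-OAEP and emits the EncryptedKey as a peer of EncryptedData, and the decrypting side must then use an EncryptedKeyResolver that looks at peer elements, since the key is no longer inside EncryptedData/KeyInfo. The recipient key pair and the Recipient entity ID are constructed for the example.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import org.opensaml.DefaultBootstrap;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.EncryptedAssertion;
import org.opensaml.saml2.encryption.Decrypter;
import org.opensaml.saml2.encryption.EncryptedElementTypeEncryptedKeyResolver;
import org.opensaml.saml2.encryption.Encrypter;
import org.opensaml.xml.Configuration;
import org.opensaml.xml.encryption.ChainingEncryptedKeyResolver;
import org.opensaml.xml.encryption.EncryptionConstants;
import org.opensaml.xml.encryption.EncryptionParameters;
import org.opensaml.xml.encryption.InlineEncryptedKeyResolver;
import org.opensaml.xml.encryption.KeyEncryptionParameters;
import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver;

public class PeerPlacementExample {
    public static void main(String[] args) throws Exception {
        DefaultBootstrap.bootstrap();
        // Recipient key pair generated here only for the example; a real issuer takes it from metadata.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        Credential recipient = SecurityHelper.getSimpleCredential(kp.getPublic(), kp.getPrivate());
        // Data encryption: no credential is set, so generateEncryptionKey() mints a fresh AES-128 key per call.
        EncryptionParameters encParams = new EncryptionParameters();
        encParams.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128);
        // Key wrapping with RSA-OAEP; the Recipient value is a constructed placeholder.
        KeyEncryptionParameters kekParams = new KeyEncryptionParameters();
        kekParams.setAlgorithm(EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP);
        kekParams.setEncryptionCredential(recipient);
        kekParams.setRecipient("https://sp.example.org/placeholder-entity-id");

        Encrypter encrypter = new Encrypter(encParams, kekParams);
        encrypter.setKeyPlacement(Encrypter.KeyPlacement.PEER); // the default, made explicit
        Assertion assertion = (Assertion) Configuration.getBuilderFactory()
                .getBuilder(Assertion.DEFAULT_ELEMENT_NAME).buildObject(Assertion.DEFAULT_ELEMENT_NAME);
        EncryptedAssertion encrypted = encrypter.encrypt(assertion);

        // Decrypting side: with PEER placement the EncryptedKey is a sibling of EncryptedData,
        // so a resolver that only looks inside EncryptedData/KeyInfo would never find it.
        ChainingEncryptedKeyResolver keyResolver = new ChainingEncryptedKeyResolver();
        keyResolver.getResolverChain().add(new InlineEncryptedKeyResolver());
        keyResolver.getResolverChain().add(new EncryptedElementTypeEncryptedKeyResolver());
        Decrypter decrypter = new Decrypter(null, new StaticKeyInfoCredentialResolver(recipient), keyResolver);
        Assertion plain = decrypter.decrypt(encrypted);
    }
}
```

If the decrypting party were configured with only an InlineEncryptedKeyResolver, decrypt() would fail for PEER-placed keys even though the wrapped key is present in the document.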


Nested Class Summary
static class Encrypter.KeyPlacement
          Options for where to place the resulting EncryptedKey elements with respect to the associated EncryptedData element.
 
Field Summary
private  XMLObjectBuilderFactory builderFactory
          Factory for building XMLObject instances.
private  XMLEncryptionBuilder<CarriedKeyName> carriedKeyNameBuilder
          Builder for CarriedKeyName objects.
private  XMLEncryptionBuilder<DataReference> dataReferenceBuilder
          Builder for DataReference objects.
private  EncryptionParameters encParams
          The parameters to use for encrypting the data.
private  IdentifierGenerator idGenerator
          Generator for XML ID attribute values.
private  List<KeyEncryptionParameters> kekParamsList
          The parameters to use for encrypting (wrapping) the data encryption key.
private  XMLSignatureBuilder<KeyInfo> keyInfoBuilder
          Builder for KeyInfo objects.
private  XMLSignatureBuilder<KeyName> keyNameBuilder
          Builder for KeyName objects.
private  Encrypter.KeyPlacement keyPlacement
          The option for where to place the generated EncryptedKey elements.
private  org.slf4j.Logger log
          Class logger.
private  XMLEncryptionBuilder<ReferenceList> referenceListBuilder
          Builder for ReferenceList objects.
private  XMLSignatureBuilder<RetrievalMethod> retrievalMethodBuilder
          Builder for RetrievalMethod objects.
 
Constructor Summary
Encrypter(EncryptionParameters dataEncParams)
          Constructor.
Encrypter(EncryptionParameters dataEncParams, KeyEncryptionParameters keyEncParam)
          Constructor.
Encrypter(EncryptionParameters dataEncParams, List<KeyEncryptionParameters> keyEncParams)
          Constructor.
 
Method Summary
 EncryptedAssertion encrypt(Assertion assertion)
          Encrypt the specified Assertion.
 EncryptedAttribute encrypt(Attribute attribute)
          Encrypt the specified Attribute.
 EncryptedID encrypt(BaseID baseID)
          Encrypt the specified BaseID.
 EncryptedID encrypt(NameID nameID)
          Encrypt the specified NameID.
 NewEncryptedID encrypt(NewID newID)
          Encrypt the specified NewID.
private  EncryptedElementType encrypt(XMLObject xmlObject, QName encElementName)
          Encrypt the specified XMLObject, and return it as an instance of the specified QName, which should be one of the types derived from EncryptedElementType.
 EncryptedID encryptAsID(Assertion assertion)
          Encrypt the specified Assertion, treating it as an identifier and returning an EncryptedID.
 Encrypter.KeyPlacement getKeyPlacement()
          Get the current key placement option.
private  void init()
          Helper method for constructors.
protected  void linkMultiplePeerKeys(EncryptedData encData, List<EncryptedKey> encKeys)
          Link multiple "multicast" EncryptedKeys to the EncryptedData according to guidelines in SAML Errata E43.
protected  void linkSinglePeerKey(EncryptedData encData, EncryptedKey encKey)
          Link a single EncryptedKey to the EncryptedData according to guidelines in SAML Errata E43.
protected  EncryptedElementType placeKeysAsPeers(EncryptedElementType encElement, EncryptedData encData, List<EncryptedKey> encKeys)
          Store the specified EncryptedData and EncryptedKey(s) in the specified instance of EncryptedElementType as peer elements, following SAML 2 Errata E43 guidelines for forward and back referencing between the EncryptedData and EncryptedKey(s).
protected  EncryptedElementType placeKeysInline(EncryptedElementType encElement, EncryptedData encData, List<EncryptedKey> encKeys)
          Place the EncryptedKey elements inside the KeyInfo element within the EncryptedData element.
protected  EncryptedElementType processElements(EncryptedElementType encElement, EncryptedData encData, List<EncryptedKey> encKeys)
          Handle post-processing of generated EncryptedData and EncryptedKey(s) and storage in the appropriate EncryptedElementType instance.
 void setIDGenerator(IdentifierGenerator newIDGenerator)
          Set the generator to use when creating XML ID attribute values.
 void setKeyPlacement(Encrypter.KeyPlacement newKeyPlacement)
          Set the key placement option.
 
Methods inherited from class org.opensaml.xml.encryption.Encrypter
checkAndMarshall, checkParams, checkParams, checkParams, checkParams, encryptElement, encryptElement, encryptElement, encryptElement, encryptElementContent, encryptElementContent, encryptElementContent, encryptKey, encryptKey, encryptKey, generateEncryptionKey, getJCAProviderName, postProcessApacheEncryptedKey, setJCAProviderName
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

builderFactory

private XMLObjectBuilderFactory builderFactory
Factory for building XMLObject instances.


keyInfoBuilder

private XMLSignatureBuilder<KeyInfo> keyInfoBuilder
Builder for KeyInfo objects.


dataReferenceBuilder

private XMLEncryptionBuilder<DataReference> dataReferenceBuilder
Builder for DataReference objects.


referenceListBuilder

private XMLEncryptionBuilder<ReferenceList> referenceListBuilder
Builder for ReferenceList objects.


retrievalMethodBuilder

private XMLSignatureBuilder<RetrievalMethod> retrievalMethodBuilder
Builder for RetrievalMethod objects.


keyNameBuilder

private XMLSignatureBuilder<KeyName> keyNameBuilder
Builder for KeyName objects.


carriedKeyNameBuilder

private XMLEncryptionBuilder<CarriedKeyName> carriedKeyNameBuilder
Builder for CarriedKeyName objects.


idGenerator

private IdentifierGenerator idGenerator
Generator for XML ID attribute values.


encParams

private EncryptionParameters encParams
The parameters to use for encrypting the data.


kekParamsList

private List<KeyEncryptionParameters> kekParamsList
The parameters to use for encrypting (wrapping) the data encryption key.


keyPlacement

private Encrypter.KeyPlacement keyPlacement
The option for where to place the generated EncryptedKey elements.


log

private final org.slf4j.Logger log
Class logger.

Constructor Detail

Encrypter

public Encrypter(EncryptionParameters dataEncParams,
                 List<KeyEncryptionParameters> keyEncParams)
Constructor.

Parameters:
dataEncParams - the data encryption parameters
keyEncParams - the key encryption parameters

Encrypter

public Encrypter(EncryptionParameters dataEncParams,
                 KeyEncryptionParameters keyEncParam)
Constructor.

Parameters:
dataEncParams - the data encryption parameters
keyEncParam - the key encryption parameter

Encrypter

public Encrypter(EncryptionParameters dataEncParams)
Constructor.

Parameters:
dataEncParams - the data encryption parameters

Method Detail

init

private void init()
Helper method for constructors.


setIDGenerator

public void setIDGenerator(IdentifierGenerator newIDGenerator)
Set the generator to use when creating XML ID attribute values.

Parameters:
newIDGenerator - the new IdentifierGenerator to use

getKeyPlacement

public Encrypter.KeyPlacement getKeyPlacement()
Get the current key placement option.

Returns:
the current key placement option

setKeyPlacement

public void setKeyPlacement(Encrypter.KeyPlacement newKeyPlacement)
Set the key placement option.

Parameters:
newKeyPlacement - The new key placement option to set

encrypt

public EncryptedAssertion encrypt(Assertion assertion)
                           throws EncryptionException
Encrypt the specified Assertion.

Parameters:
assertion - the Assertion to encrypt
Returns:
an EncryptedAssertion
Throws:
EncryptionException - thrown when encryption generates an error

encryptAsID

public EncryptedID encryptAsID(Assertion assertion)
                        throws EncryptionException
Encrypt the specified Assertion, treating it as an identifier and returning an EncryptedID.

Parameters:
assertion - the Assertion to encrypt
Returns:
an EncryptedID
Throws:
EncryptionException - thrown when encryption generates an error

encrypt

public EncryptedAttribute encrypt(Attribute attribute)
                           throws EncryptionException
Encrypt the specified Attribute.

Parameters:
attribute - the Attribute to encrypt
Returns:
an EncryptedAttribute
Throws:
EncryptionException - thrown when encryption generates an error

encrypt

public EncryptedID encrypt(NameID nameID)
                    throws EncryptionException
Encrypt the specified NameID.

Parameters:
nameID - the NameID to encrypt
Returns:
an EncryptedID
Throws:
EncryptionException - thrown when encryption generates an error

encrypt

public EncryptedID encrypt(BaseID baseID)
                    throws EncryptionException
Encrypt the specified BaseID.

Parameters:
baseID - the BaseID to encrypt
Returns:
an EncryptedID
Throws:
EncryptionException - thrown when encryption generates an error

encrypt

public NewEncryptedID encrypt(NewID newID)
                       throws EncryptionException
Encrypt the specified NewID.

Parameters:
newID - the NewID to encrypt
Returns:
a NewEncryptedID
Throws:
EncryptionException - thrown when encryption generates an error

encrypt

private EncryptedElementType encrypt(XMLObject xmlObject,
                                     QName encElementName)
                              throws EncryptionException
Encrypt the specified XMLObject, and return it as an instance of the specified QName, which should be one of the types derived from EncryptedElementType.

Parameters:
xmlObject - the XMLObject to encrypt
encElementName - the QName of the specialization of EncryptedElementType to return
Returns:
a specialization of EncryptedElementType
Throws:
EncryptionException - thrown when encryption generates an error

processElements

protected EncryptedElementType processElements(EncryptedElementType encElement,
                                               EncryptedData encData,
                                               List<EncryptedKey> encKeys)
                                        throws EncryptionException
Handle post-processing of generated EncryptedData and EncryptedKey(s) and storage in the appropriate EncryptedElementType instance.

Parameters:
encElement - the EncryptedElementType instance which will hold the encrypted data and keys
encData - the EncryptedData object
encKeys - the list of EncryptedKey objects
Returns:
the processed EncryptedElementType instance
Throws:
EncryptionException - thrown when processing encounters an error

placeKeysInline

protected EncryptedElementType placeKeysInline(EncryptedElementType encElement,
                                               EncryptedData encData,
                                               List<EncryptedKey> encKeys)
Place the EncryptedKey elements inside the KeyInfo element within the EncryptedData element. Although operationally trivial, this method is provided so that subclasses may override or augment as desired.

Parameters:
encElement - the EncryptedElementType instance which will hold the encrypted data and keys
encData - the EncryptedData object
encKeys - the list of EncryptedKey objects
Returns:
the processed EncryptedElementType instance

placeKeysAsPeers

protected EncryptedElementType placeKeysAsPeers(EncryptedElementType encElement,
                                                EncryptedData encData,
                                                List<EncryptedKey> encKeys)
Store the specified EncryptedData and EncryptedKey(s) in the specified instance of EncryptedElementType as peer elements, following SAML 2 Errata E43 guidelines for forward and back referencing between the EncryptedData and EncryptedKey(s).

Parameters:
encElement - a specialization of EncryptedElementType to store the encrypted data and keys
encData - the EncryptedData to store
encKeys - the EncryptedKey(s) to store
Returns:
the resulting specialization of EncryptedElementType

linkSinglePeerKey

protected void linkSinglePeerKey(EncryptedData encData,
                                 EncryptedKey encKey)
Link a single EncryptedKey to the EncryptedData according to guidelines in SAML Errata E43.

Parameters:
encData - the EncryptedData
encKey - the EncryptedKey

linkMultiplePeerKeys

protected void linkMultiplePeerKeys(EncryptedData encData,
                                    List<EncryptedKey> encKeys)
Link multiple "multicast" EncryptedKeys to the EncryptedData according to guidelines in SAML Errata E43.

Parameters:
encData - the EncryptedData
encKeys - the list of EncryptedKeys


Copyright © 1999-2012. All Rights Reserved.