|
||||||||||
| PREV NEXT | FRAMES NO FRAMES | |||||||||
| Packages that use SecurityException | |
|---|---|
| org.opensaml.xml.security | Interfaces and classes used in representing cryptographic credentials, evaluating the trustworthiness of security of tokens, etc. |
| org.opensaml.xml.security.credential | Interfaces and classes related to credentials and ways to represent them. |
| org.opensaml.xml.security.credential.criteria |
Implementations of EvaluableCriteria where the
parameterized evaluation target type is Credential. |
| org.opensaml.xml.security.keyinfo | Interfaces and classes for working with XML KeyInfo elements. |
| org.opensaml.xml.security.keyinfo.provider | Specific implementations of KeyInfoProvider. |
| org.opensaml.xml.security.trust | Interfaces and classes used to evaluate the trustworthiness
and validity of Credentials |
| org.opensaml.xml.security.x509 | X509 based credential and trust class. |
| org.opensaml.xml.signature | XMLObject interfaces and helper classes for representing digitally signed content and signing/validating content. |
| org.opensaml.xml.signature.impl | Implementations of the interfaces for XMLObjects that represent XML signature types. |
| Uses of SecurityException in org.opensaml.xml.security |
|---|
| Methods in org.opensaml.xml.security that throw SecurityException | |
|---|---|
static KeyEncryptionParameters |
SecurityHelper.buildKeyEncryptionParams(Credential encryptionCredential,
String wrappedKeyAlgorithm,
SecurityConfiguration config,
String keyInfoGenName,
String recipient)
Build an instance of KeyEncryptionParameters suitable for passing to an
Encrypter. |
static boolean |
SecurityHelper.matchKeyPair(PublicKey pubKey,
PrivateKey privKey)
Compare the supplied public and private keys, and determine if they correspond to the same key pair. |
static void |
SecurityHelper.prepareSignatureParams(Signature signature,
Credential signingCredential,
SecurityConfiguration config,
String keyInfoGenName)
Prepare a Signature with necessary additional information prior to signing. |
Iterable<ProductType> |
Resolver.resolve(CriteriaType criteria)
Process the specified criteria and return the resulting instances the the product type which satisfy the criteria. |
ProductType |
Resolver.resolveSingle(CriteriaType criteria)
Process the specified criteria and return a single instance of the product type which satisfies the criteria. |
static byte[] |
SigningUtil.sign(Credential signingCredential,
String jcaAlgorithmID,
boolean isMAC,
byte[] input)
Compute the signature or MAC value over the supplied input. |
static byte[] |
SigningUtil.sign(PrivateKey signingKey,
String jcaAlgorithmID,
byte[] input)
Compute the raw signature value over the supplied input. |
static byte[] |
SigningUtil.signMAC(Key signingKey,
String jcaAlgorithmID,
byte[] input)
Compute the Message Authentication Code (MAC) value over the supplied input. |
static byte[] |
SigningUtil.signWithURI(Credential signingCredential,
String algorithmURI,
byte[] input)
Compute the signature or MAC value over the supplied input. |
static boolean |
SigningUtil.verify(Credential verificationCredential,
String jcaAlgorithmID,
boolean isMAC,
byte[] signature,
byte[] input)
Verify the signature value computed over the supplied input against the supplied signature value. |
static boolean |
SigningUtil.verify(PublicKey verificationKey,
String jcaAlgorithmID,
byte[] signature,
byte[] input)
Verify the signature value computed over the supplied input against the supplied signature value. |
static boolean |
SigningUtil.verifyMAC(Key verificationKey,
String jcaAlgorithmID,
byte[] signature,
byte[] input)
Verify the Message Authentication Code (MAC) value computed over the supplied input against the supplied MAC value. |
static boolean |
SigningUtil.verifyWithURI(Credential verificationCredential,
String algorithmURI,
byte[] signature,
byte[] input)
Verify the signature value computed over the supplied input against the supplied signature value. |
| Uses of SecurityException in org.opensaml.xml.security.credential |
|---|
| Methods in org.opensaml.xml.security.credential that throw SecurityException | |
|---|---|
protected Credential |
KeyStoreCredentialResolver.buildCredential(KeyStore.Entry keyStoreEntry,
String entityID,
UsageType usage)
Build a credential instance from the key store entry. |
KeyInfo |
BasicKeyInfoGeneratorFactory.BasicKeyInfoGenerator.generate(Credential credential)
Generate a new KeyInfo object based on keying material and other information within a credential. |
Iterable<Credential> |
StaticCredentialResolver.resolve(CriteriaSet criteria)
Process the specified criteria and return the resulting instances the the product type which satisfy the criteria. |
Iterable<Credential> |
ChainingCredentialResolver.resolve(CriteriaSet criteriaSet)
Process the specified criteria and return the resulting instances the the product type which satisfy the criteria. |
Iterable<Credential> |
AbstractCriteriaFilteringCredentialResolver.resolve(CriteriaSet criteriaSet)
Process the specified criteria and return the resulting instances the the product type which satisfy the criteria. |
abstract Iterable<Credential> |
AbstractCredentialResolver.resolve(CriteriaSet criteriaSet)
Process the specified criteria and return the resulting instances the the product type which satisfy the criteria. |
protected Iterable<Credential> |
KeyStoreCredentialResolver.resolveFromSource(CriteriaSet criteriaSet)
Subclasses are required to implement this method to resolve credentials from the implementation-specific type of underlying credential source. |
protected Iterable<Credential> |
CollectionCredentialResolver.resolveFromSource(CriteriaSet criteriaSet)
Subclasses are required to implement this method to resolve credentials from the implementation-specific type of underlying credential source. |
protected abstract Iterable<Credential> |
AbstractCriteriaFilteringCredentialResolver.resolveFromSource(CriteriaSet criteriaSet)
Subclasses are required to implement this method to resolve credentials from the implementation-specific type of underlying credential source. |
Credential |
AbstractCredentialResolver.resolveSingle(CriteriaSet criteriaSet)
Process the specified criteria and return a single instance of the product type which satisfies the criteria. |
| Uses of SecurityException in org.opensaml.xml.security.credential.criteria |
|---|
| Methods in org.opensaml.xml.security.credential.criteria that throw SecurityException | |
|---|---|
static EvaluableCredentialCriteria |
EvaluableCredentialCriteriaRegistry.getEvaluator(Criteria criteria)
Get an instance of EvaluableCredentialCriteria which can evaluate the supplied criteria's requirements against a Credential target. |
| Uses of SecurityException in org.opensaml.xml.security.keyinfo |
|---|
| Methods in org.opensaml.xml.security.keyinfo that throw SecurityException | |
|---|---|
protected Credential |
BasicProviderKeyInfoCredentialResolver.buildBasicCredential(Key key,
Set<String> keyNames)
Construct a basic credential containing the specified key and set of key names. |
KeyInfo |
StaticKeyInfoGenerator.generate(Credential credential)
Generate a new KeyInfo object based on keying material and other information within a credential. |
KeyInfo |
KeyInfoGenerator.generate(Credential credential)
Generate a new KeyInfo object based on keying material and other information within a credential. |
protected void |
BasicProviderKeyInfoCredentialResolver.initResolutionContext(KeyInfoResolutionContext kiContext,
KeyInfo keyInfo,
CriteriaSet criteriaSet)
Initialize the resolution context that will be used by the providers. |
protected void |
LocalKeyInfoCredentialResolver.postProcess(KeyInfoResolutionContext kiContext,
CriteriaSet criteriaSet,
List<Credential> credentials)
Hook for subclasses to do post-processing of the credential set after all KeyInfo children have been processed. |
protected void |
BasicProviderKeyInfoCredentialResolver.postProcess(KeyInfoResolutionContext kiContext,
CriteriaSet criteriaSet,
List<Credential> credentials)
Hook for subclasses to do post-processing of the credential set after all KeyInfo children have been processed. |
protected void |
BasicProviderKeyInfoCredentialResolver.postProcessEmptyCredentials(KeyInfoResolutionContext kiContext,
CriteriaSet criteriaSet,
List<Credential> credentials)
Hook for processing the case where no credentials were returned by any resolution method by any provider, nor by the processing of the BasicProviderKeyInfoCredentialResolver.postProcess(KeyInfoResolutionContext, CriteriaSet, List) hook. |
Collection<Credential> |
KeyInfoProvider.process(KeyInfoCredentialResolver resolver,
XMLObject keyInfoChild,
CriteriaSet criteriaSet,
KeyInfoResolutionContext kiContext)
Process a specified KeyInfo child (XMLobject) and attempt to resolve a credential from it. |
protected Collection<Credential> |
BasicProviderKeyInfoCredentialResolver.processKeyInfoChild(KeyInfoResolutionContext kiContext,
CriteriaSet criteriaSet,
XMLObject keyInfoChild)
Process the given KeyInfo child with the registered providers. |
protected void |
BasicProviderKeyInfoCredentialResolver.processKeyInfoChildren(KeyInfoResolutionContext kiContext,
CriteriaSet criteriaSet,
List<Credential> credentials)
Use registered providers to process the non-KeyValue children of KeyInfo. |
protected Collection<? extends Credential> |
LocalKeyInfoCredentialResolver.resolveByKeyName(String keyName)
Resolve credentials from local resolver using key name criteria. |
protected Collection<? extends Credential> |
LocalKeyInfoCredentialResolver.resolveByPublicKey(PublicKey publicKey)
Resolve credentials from local resolver using public key criteria. |
protected Iterable<Credential> |
BasicProviderKeyInfoCredentialResolver.resolveFromSource(CriteriaSet criteriaSet)
Subclasses are required to implement this method to resolve credentials from the implementation-specific type of underlying credential source. |
protected void |
BasicProviderKeyInfoCredentialResolver.resolveKeyValue(KeyInfoResolutionContext kiContext,
CriteriaSet criteriaSet,
List<KeyValue> keyValues)
Resolve the key from any KeyValue element that may be present, and store the resulting key in the resolution context. |
| Uses of SecurityException in org.opensaml.xml.security.keyinfo.provider |
|---|
| Methods in org.opensaml.xml.security.keyinfo.provider that throw SecurityException | |
|---|---|
Collection<Credential> |
RSAKeyValueProvider.process(KeyInfoCredentialResolver resolver,
XMLObject keyInfoChild,
CriteriaSet criteriaSet,
KeyInfoResolutionContext kiContext)
Process a specified KeyInfo child (XMLobject) and attempt to resolve a credential from it. |
Collection<Credential> |
InlineX509DataProvider.process(KeyInfoCredentialResolver resolver,
XMLObject keyInfoChild,
CriteriaSet criteriaSet,
KeyInfoResolutionContext kiContext)
Process a specified KeyInfo child (XMLobject) and attempt to resolve a credential from it. |
Collection<Credential> |
DSAKeyValueProvider.process(KeyInfoCredentialResolver resolver,
XMLObject keyInfoChild,
CriteriaSet criteriaSet,
KeyInfoResolutionContext kiContext)
Process a specified KeyInfo child (XMLobject) and attempt to resolve a credential from it. |
| Uses of SecurityException in org.opensaml.xml.security.trust |
|---|
| Methods in org.opensaml.xml.security.trust that throw SecurityException | |
|---|---|
protected void |
ExplicitKeyTrustEngine.checkParams(Credential untrustedCredential,
CriteriaSet trustBasisCriteria)
Check the parameters for required values. |
protected void |
ExplicitX509CertificateTrustEngine.checkParams(X509Credential untrustedCredential,
CriteriaSet trustBasisCriteria)
Check the parameters for required values. |
boolean |
ExplicitKeyTrustEngine.validate(Credential untrustedCredential,
CriteriaSet trustBasisCriteria)
Validates the token against trusted information obtained in an implementation-specific manner. |
boolean |
TrustEngine.validate(TokenType token,
CriteriaSet trustBasisCriteria)
Validates the token against trusted information obtained in an implementation-specific manner. |
boolean |
ChainingTrustEngine.validate(TokenType token,
CriteriaSet trustBasisCriteria)
Validates the token against trusted information obtained in an implementation-specific manner. |
boolean |
ExplicitX509CertificateTrustEngine.validate(X509Credential untrustedCredential,
CriteriaSet trustBasisCriteria)
Validates the token against trusted information obtained in an implementation-specific manner. |
| Uses of SecurityException in org.opensaml.xml.security.x509 |
|---|
| Methods in org.opensaml.xml.security.x509 that throw SecurityException | |
|---|---|
protected boolean |
PKIXX509CredentialTrustEngine.checkNames(Set<String> trustedNames,
X509Credential untrustedCredential)
Evaluate the credential against the set of trusted names. |
static X509Certificate |
X509Util.determineEntityCertificate(Collection<X509Certificate> certs,
PrivateKey privateKey)
Determines the certificate, from the collection, associated with the private key. |
boolean |
X509CredentialNameEvaluator.evaluate(X509Credential credential,
Set<String> trustedNames)
Evaluate the specified credential against the specified set of trusted names. |
boolean |
BasicX509CredentialNameEvaluator.evaluate(X509Credential credential,
Set<String> trustedNames)
Evaluate the specified credential against the specified set of trusted names. |
KeyInfo |
X509KeyInfoGeneratorFactory.X509KeyInfoGenerator.generate(Credential credential)
Generate a new KeyInfo object based on keying material and other information within a credential. |
protected void |
X509KeyInfoGeneratorFactory.X509KeyInfoGenerator.processCRLs(KeyInfo keyInfo,
X509Data x509Data,
X509Credential credential)
Process the value of X509Credential.getCRLs(). |
protected void |
X509KeyInfoGeneratorFactory.X509KeyInfoGenerator.processEntityCertificate(KeyInfo keyInfo,
X509Data x509Data,
X509Credential credential)
Process the value of X509Credential.getEntityCertificate(). |
protected void |
X509KeyInfoGeneratorFactory.X509KeyInfoGenerator.processEntityCertificateChain(KeyInfo keyInfo,
X509Data x509Data,
X509Credential credential)
Process the value of X509Credential.getEntityCertificateChain(). |
Iterable<PKIXValidationInformation> |
StaticPKIXValidationInformationResolver.resolve(CriteriaSet criteria)
Process the specified criteria and return the resulting instances the the product type which satisfy the criteria. |
PKIXValidationInformation |
StaticPKIXValidationInformationResolver.resolveSingle(CriteriaSet criteria)
Process the specified criteria and return a single instance of the product type which satisfies the criteria. |
Set<String> |
StaticPKIXValidationInformationResolver.resolveTrustedNames(CriteriaSet criteriaSet)
Resolve a set of trusted names associated with the entity indicated by the criteria. |
Set<String> |
PKIXValidationInformationResolver.resolveTrustedNames(CriteriaSet criteriaSet)
Resolve a set of trusted names associated with the entity indicated by the criteria. |
boolean |
PKIXTrustEvaluator.validate(PKIXValidationInformation validationInfo,
X509Credential untrustedCredential)
Validate the specified credential against the specified set of trusted validation information. |
boolean |
CertPathPKIXTrustEvaluator.validate(PKIXValidationInformation validationInfo,
X509Credential untrustedCredential)
Validate the specified credential against the specified set of trusted validation information. |
boolean |
PKIXX509CredentialTrustEngine.validate(X509Credential untrustedCredential,
CriteriaSet trustBasisCriteria)
Validates the token against trusted information obtained in an implementation-specific manner. |
protected boolean |
PKIXX509CredentialTrustEngine.validate(X509Credential untrustedX509Credential,
Set<String> trustedNames,
Iterable<PKIXValidationInformation> validationInfoSet)
Perform PKIX validation on the untrusted credential, using PKIX validation information based on the supplied set of trusted credentials. |
| Uses of SecurityException in org.opensaml.xml.signature |
|---|
| Methods in org.opensaml.xml.signature that throw SecurityException | |
|---|---|
boolean |
SignatureTrustEngine.validate(byte[] signature,
byte[] content,
String algorithmURI,
CriteriaSet trustBasisCriteria,
Credential candidateCredential)
Determines whether a raw signature over specified content is valid and signed by a trusted credential. |
| Uses of SecurityException in org.opensaml.xml.signature.impl |
|---|
| Methods in org.opensaml.xml.signature.impl that throw SecurityException | |
|---|---|
protected boolean |
PKIXSignatureTrustEngine.checkNames(Set<String> trustedNames,
X509Credential untrustedCredential)
Evaluate the credential against the set of trusted names. |
protected void |
BaseSignatureTrustEngine.checkParams(Signature signature,
CriteriaSet trustBasisCriteria)
Check the signature and credential criteria for required values. |
protected void |
BaseSignatureTrustEngine.checkParamsRaw(byte[] signature,
byte[] content,
String algorithmURI,
CriteriaSet trustBasisCriteria)
Check the signature and credential criteria for required values. |
protected boolean |
ExplicitKeySignatureTrustEngine.evaluateTrust(Credential untrustedCredential,
Iterable<Credential> trustedCredentials)
Evaluate the untrusted KeyInfo-derived credential with respect to the specified trusted information. |
protected boolean |
PKIXSignatureTrustEngine.evaluateTrust(Credential untrustedCredential,
Pair<Set<String>,Iterable<PKIXValidationInformation>> validationPair)
Evaluate the untrusted KeyInfo-derived credential with respect to the specified trusted information. |
protected abstract boolean |
BaseSignatureTrustEngine.evaluateTrust(Credential untrustedCredential,
TrustBasisType trustBasis)
Evaluate the untrusted KeyInfo-derived credential with respect to the specified trusted information. |
protected Pair<Set<String>,Iterable<PKIXValidationInformation>> |
PKIXSignatureTrustEngine.resolveValidationInfo(CriteriaSet trustBasisCriteria)
Resolve and return a set of trusted validation information. |
boolean |
PKIXSignatureTrustEngine.validate(byte[] signature,
byte[] content,
String algorithmURI,
CriteriaSet trustBasisCriteria,
Credential candidateCredential)
Determines whether a raw signature over specified content is valid and signed by a trusted credential. |
boolean |
ExplicitKeySignatureTrustEngine.validate(byte[] signature,
byte[] content,
String algorithmURI,
CriteriaSet trustBasisCriteria,
Credential candidateCredential)
Determines whether a raw signature over specified content is valid and signed by a trusted credential. |
boolean |
ChainingSignatureTrustEngine.validate(byte[] signature,
byte[] content,
String algorithmURI,
CriteriaSet trustBasisCriteria,
Credential candidateCredential)
Determines whether a raw signature over specified content is valid and signed by a trusted credential. |
boolean |
PKIXSignatureTrustEngine.validate(Signature signature,
CriteriaSet trustBasisCriteria)
Validates the token against trusted information obtained in an implementation-specific manner. |
boolean |
ExplicitKeySignatureTrustEngine.validate(Signature signature,
CriteriaSet trustBasisCriteria)
Validates the token against trusted information obtained in an implementation-specific manner. |
boolean |
ChainingSignatureTrustEngine.validate(Signature token,
CriteriaSet trustBasisCriteria)
Validates the token against trusted information obtained in an implementation-specific manner. |
protected boolean |
BaseSignatureTrustEngine.validate(Signature signature,
TrustBasisType trustBasis)
Attempt to establish trust by resolving signature verification credentials from the Signature's KeyInfo. |
|
||||||||||
| PREV NEXT | FRAMES NO FRAMES | |||||||||