org.opensaml.xml.security.keyinfo
Class KeyInfoHelper

java.lang.Object
  extended by org.opensaml.xml.security.keyinfo.KeyInfoHelper

public class KeyInfoHelper
extends Object

Utility class for working with data inside a KeyInfo object. Methods are provided for converting the representation stored in the XMLTooling KeyInfo to Java java.security native types, and for storing these Java native types inside a KeyInfo.


Field Summary
private static CertificateFactory x509CertFactory
          Factory for X509Certificate and X509CRL creation.
 
Constructor Summary
protected KeyInfoHelper()
          Constructor.
 
Method Summary
static void addCertificate(KeyInfo keyInfo, X509Certificate cert)
          Converts a native Java X509Certificate into the corresponding XMLObject and stores it in a KeyInfo in the first X509Data element.
static void addCRL(KeyInfo keyInfo, X509CRL crl)
          Converts a native Java X509CRL into the corresponding XMLObject and stores it in a KeyInfo in the first X509Data element.
static void addKeyName(KeyInfo keyInfo, String keyNameValue)
          Add a new KeyName value to a KeyInfo.
static void addPublicKey(KeyInfo keyInfo, PublicKey pk)
          Converts a Java DSA or RSA public key into the corresponding XMLObject and stores it in a KeyInfo in a new KeyValue element.
static DSAKeyValue buildDSAKeyValue(DSAPublicKey dsaPubKey)
          Builds a DSAKeyValue XMLObject from the Java security DSA public key type.
protected static PublicKey buildKey(KeySpec keySpec, String keyAlgorithm)
          Generates a public key from the given key spec.
static RSAKeyValue buildRSAKeyValue(RSAPublicKey rsaPubKey)
          Builds an RSAKeyValue XMLObject from the Java security RSA public key type.
static X509Certificate buildX509Certificate(X509Certificate cert)
          Builds an X509Certificate XMLObject from a native Java X509Certificate.
static X509CRL buildX509CRL(X509CRL crl)
          Builds an X509CRL XMLObject from a native Java X509CRL.
static X509IssuerSerial buildX509IssuerSerial(String issuerName, BigInteger serialNumber)
          Build an X509IssuerSerial containing a given issuer name and serial number.
static X509SKI buildX509SKI(X509Certificate javaCert)
          Build an X509SKI containing the subject key identifier extension value contained within a certificate.
static X509SubjectName buildX509SubjectName(String subjectName)
          Build an X509SubjectName containing a given subject name.
static BigInteger decodeBigIntegerFromCryptoBinary(String base64Value)
          Decode a base64-encoded ds:CryptoBinary value to a native Java BigInteger type.
static String encodeCryptoBinaryFromBigInteger(BigInteger bigInt)
          Encode a native Java BigInteger type to a base64-encoded ds:CryptoBinary value.
static X509Certificate getCertificate(X509Certificate xmlCert)
          Convert an X509Certificate into a native Java representation.
static List<X509Certificate> getCertificates(KeyInfo keyInfo)
          Get a list of the Java X509Certificate within the given KeyInfo.
static List<X509Certificate> getCertificates(X509Data x509Data)
          Get a list of the Java X509Certificate within the given X509Data.
static X509CRL getCRL(X509CRL xmlCRL)
          Convert an X509CRL into a native Java representation.
static List<X509CRL> getCRLs(KeyInfo keyInfo)
          Get a list of the Java X509CRLs within the given KeyInfo.
static List<X509CRL> getCRLs(X509Data x509Data)
          Get a list of the Java X509CRLs within the given X509Data.
static PublicKey getDSAKey(DSAKeyValue keyDescriptor)
          Builds a DSA key from a DSAKeyValue element.
static PublicKey getDSAKey(DSAKeyValue keyDescriptor, DSAParams dsaParams)
          Builds a DSA key from a DSAKeyValue element and the supplied Java DSAParams, which supplies key material from a shared key family.
static PublicKey getKey(KeyValue keyValue)
          Extracts the DSA or RSA public key within the KeyValue.
static List<String> getKeyNames(KeyInfo keyInfo)
          Get the set of key names inside the specified KeyInfo as a list of strings.
private static Logger getLogger()
          Get an SLF4J Logger.
static List<PublicKey> getPublicKeys(KeyInfo keyInfo)
          Extracts all the public keys within the given KeyInfo's KeyValues.
static PublicKey getRSAKey(RSAKeyValue keyDescriptor)
          Builds an RSA key from an RSAKeyValue element.
protected static CertificateFactory getX509CertFactory()
          Get the Java certificate factory singleton.
static boolean hasCompleteDSAParams(DSAKeyValue keyDescriptor)
          Check whether the specified DSAKeyValue element has all of the optional DSA values which can be shared amongst many keys in a DSA "key family", and are presumed to be known from context.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

x509CertFactory

private static CertificateFactory x509CertFactory
Factory for X509Certificate and X509CRL creation.

Constructor Detail

KeyInfoHelper

protected KeyInfoHelper()
Constructor.

Method Detail

getKeyNames

public static List<String> getKeyNames(KeyInfo keyInfo)
Get the set of key names inside the specified KeyInfo as a list of strings.

Parameters:
keyInfo - KeyInfo to retrieve key names from
Returns:
a list of key name strings

addKeyName

public static void addKeyName(KeyInfo keyInfo,
                              String keyNameValue)
Add a new KeyName value to a KeyInfo.

Parameters:
keyInfo - the KeyInfo to which to add the new value
keyNameValue - the new key name value to add

getCertificates

public static List<X509Certificate> getCertificates(KeyInfo keyInfo)
                                             throws CertificateException
Get a list of the Java X509Certificate within the given KeyInfo.

Parameters:
keyInfo - key info to extract the certificates from
Returns:
a list of Java X509Certificates
Throws:
CertificateException - thrown if there is a problem converting the X509 data into X509Certificates.

getCertificates

public static List<X509Certificate> getCertificates(X509Data x509Data)
                                             throws CertificateException
Get a list of the Java X509Certificate within the given X509Data.

Parameters:
x509Data - X509Data from which to extract the certificate
Returns:
a list of Java X509Certificates
Throws:
CertificateException - thrown if there is a problem converting the X509 data into X509Certificates.

getCertificate

public static X509Certificate getCertificate(X509Certificate xmlCert)
                                      throws CertificateException
Convert an X509Certificate into a native Java representation.

Parameters:
xmlCert - an X509Certificate
Returns:
an X509Certificate
Throws:
CertificateException - thrown if there is a problem converting the X509 data into X509Certificates.

getCRLs

public static List<X509CRL> getCRLs(KeyInfo keyInfo)
                             throws CRLException
Get a list of the Java X509CRLs within the given KeyInfo.

Parameters:
keyInfo - the KeyInfo to extract the CRLs from
Returns:
a list of Java X509CRLs
Throws:
CRLException - thrown if there is a problem converting the CRL data into X509CRLs

getCRLs

public static List<X509CRL> getCRLs(X509Data x509Data)
                             throws CRLException
Get a list of the Java X509CRLs within the given X509Data.

Parameters:
x509Data - X509Data to extract the CRLs from
Returns:
a list of Java X509CRLs
Throws:
CRLException - thrown if there is a problem converting the CRL data into X509CRLs

getCRL

public static X509CRL getCRL(X509CRL xmlCRL)
                      throws CRLException
Convert an X509CRL into a native Java representation.

Parameters:
xmlCRL - object to extract the CRL from
Returns:
a native Java X509CRL object
Throws:
CRLException - thrown if there is a problem converting the CRL data into X509CRLs

addCertificate

public static void addCertificate(KeyInfo keyInfo,
                                  X509Certificate cert)
                           throws CertificateEncodingException
Converts a native Java X509Certificate into the corresponding XMLObject and stores it in a KeyInfo in the first X509Data element. The X509Data element will be created if necessary.

Parameters:
keyInfo - the KeyInfo object into which to add the certificate
cert - the Java X509Certificate to add
Throws:
CertificateEncodingException - thrown when there is an error converting the Java certificate representation to the XMLObject representation

addCRL

public static void addCRL(KeyInfo keyInfo,
                          X509CRL crl)
                   throws CRLException
Converts a native Java X509CRL into the corresponding XMLObject and stores it in a KeyInfo in the first X509Data element. The X509Data element will be created if necessary.

Parameters:
keyInfo - the KeyInfo object into which to add the CRL
crl - the Java X509CRL to add
Throws:
CRLException - thrown when there is an error converting the Java CRL representation to the XMLObject representation

buildX509Certificate

public static X509Certificate buildX509Certificate(X509Certificate cert)
                                            throws CertificateEncodingException
Builds an X509Certificate XMLObject from a native Java X509Certificate.

Parameters:
cert - the Java X509Certificate to convert
Returns:
an X509Certificate XMLObject
Throws:
CertificateEncodingException - thrown when there is an error converting the Java certificate representation to the XMLObject representation

buildX509CRL

public static X509CRL buildX509CRL(X509CRL crl)
                            throws CRLException
Builds an X509CRL XMLObject from a native Java X509CRL.

Parameters:
crl - the Java X509CRL to convert
Returns:
an X509CRL XMLObject
Throws:
CRLException - thrown when there is an error converting the Java CRL representation to the XMLObject representation

buildX509SubjectName

public static X509SubjectName buildX509SubjectName(String subjectName)
Build an X509SubjectName containing a given subject name.

Parameters:
subjectName - the name content
Returns:
the new X509SubjectName

buildX509IssuerSerial

public static X509IssuerSerial buildX509IssuerSerial(String issuerName,
                                                     BigInteger serialNumber)
Build an X509IssuerSerial containing a given issuer name and serial number.

Parameters:
issuerName - the name content
serialNumber - the serial number content
Returns:
the new X509IssuerSerial

buildX509SKI

public static X509SKI buildX509SKI(X509Certificate javaCert)
Build an X509SKI containing the subject key identifier extension value contained within a certificate.

Parameters:
javaCert - the Java X509Certificate from which to extract the subject key identifier value.
Returns:
a new X509SKI object, or null if the certificate did not contain the subject key identifier extension

addPublicKey

public static void addPublicKey(KeyInfo keyInfo,
                                PublicKey pk)
                         throws IllegalArgumentException
Converts a Java DSA or RSA public key into the corresponding XMLObject and stores it in a KeyInfo in a new KeyValue element. As input, only PublicKeys which are instances of either DSAPublicKey or RSAPublicKey are supported.

Parameters:
keyInfo - the KeyInfo element to which to add the key
pk - the native Java PublicKey to add
Throws:
IllegalArgumentException - thrown if an unsupported public key type is passed

buildRSAKeyValue

public static RSAKeyValue buildRSAKeyValue(RSAPublicKey rsaPubKey)
Builds an RSAKeyValue XMLObject from the Java security RSA public key type.

Parameters:
rsaPubKey - a native Java RSAPublicKey
Returns:
an RSAKeyValue XMLObject

buildDSAKeyValue

public static DSAKeyValue buildDSAKeyValue(DSAPublicKey dsaPubKey)
Builds a DSAKeyValue XMLObject from the Java security DSA public key type.

Parameters:
dsaPubKey - a native Java DSAPublicKey
Returns:
a DSAKeyValue XMLObject

getPublicKeys

public static List<PublicKey> getPublicKeys(KeyInfo keyInfo)
                                     throws KeyException
Extracts all the public keys within the given KeyInfo's KeyValues. This method only supports DSA and RSA key types.

Parameters:
keyInfo - KeyInfo to extract the keys out of
Returns:
a list of native Java PublicKey objects
Throws:
KeyException - thrown if the given key data cannot be converted into PublicKey

getKey

public static PublicKey getKey(KeyValue keyValue)
                        throws KeyException
Extracts the DSA or RSA public key within the KeyValue.

Parameters:
keyValue - the KeyValue to extract the key from
Returns:
a native Java security Key object
Throws:
KeyException - thrown if the given key data cannot be converted into PublicKey

getDSAKey

public static PublicKey getDSAKey(DSAKeyValue keyDescriptor)
                           throws KeyException
Builds a DSA key from a DSAKeyValue element. The element must contain values for all required DSA public key parameters, including values for shared key family values P, Q and G.

Parameters:
keyDescriptor - the DSAKeyValue key descriptor
Returns:
a new DSAPublicKey instance of PublicKey
Throws:
KeyException - thrown if the key algorithm is not supported by the JCE or the key spec does not contain valid information

getDSAKey

public static PublicKey getDSAKey(DSAKeyValue keyDescriptor,
                                  DSAParams dsaParams)
                           throws KeyException
Builds a DSA key from a DSAKeyValue element and the supplied Java DSAParams, which supplies key material from a shared key family.

Parameters:
keyDescriptor - the DSAKeyValue key descriptor
dsaParams - the DSAParams DSA key family parameters
Returns:
a new DSAPublicKey instance of PublicKey
Throws:
KeyException - thrown if the key algorithm is not supported by the JCE or the key spec does not contain valid information

hasCompleteDSAParams

public static boolean hasCompleteDSAParams(DSAKeyValue keyDescriptor)
Check whether the specified DSAKeyValue element has all of the optional DSA values which can be shared amongst many keys in a DSA "key family", and are presumed to be known from context.

Parameters:
keyDescriptor - the DSAKeyValue element to check
Returns:
true if all parameters are present and non-empty, false otherwise

getRSAKey

public static PublicKey getRSAKey(RSAKeyValue keyDescriptor)
                           throws KeyException
Builds an RSA key from an RSAKeyValue element.

Parameters:
keyDescriptor - the RSAKeyValue key descriptor
Returns:
a new RSAPublicKey instance of PublicKey
Throws:
KeyException - thrown if the key algorithm is not supported by the JCE or the key spec does not contain valid information

decodeBigIntegerFromCryptoBinary

public static final BigInteger decodeBigIntegerFromCryptoBinary(String base64Value)
Decode a base64-encoded ds:CryptoBinary value to a native Java BigInteger type.

Parameters:
base64Value - base64-encoded CryptoBinary value
Returns:
the decoded BigInteger

encodeCryptoBinaryFromBigInteger

public static final String encodeCryptoBinaryFromBigInteger(BigInteger bigInt)
Encode a native Java BigInteger type to a base64-encoded ds:CryptoBinary value.

Parameters:
bigInt - the BigInteger value
Returns:
the encoded CryptoBinary value
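
The following is an added example, not OpenSAML source code: a JDK-only sketch of the ds:CryptoBinary conversion that decodeBigIntegerFromCryptoBinary and encodeCryptoBinaryFromBigInteger describe, and of rebuilding an RSA public key from a modulus and exponent as getRSAKey describes. It assumes the XML Signature rule that CryptoBinary is the base64 of the big-endian unsigned octets with no leading zero octet; the class and method names (CryptoBinaryDemo, encode, decode, rsaKey) are hypothetical.

```java
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import java.util.Base64;

// Added illustration using only the JDK; names are hypothetical, not OpenSAML API.
public class CryptoBinaryDemo {
    // BigInteger -> ds:CryptoBinary text (base64 of the unsigned big-endian magnitude).
    static String encode(BigInteger value) {
        if (value.signum() < 0) {
            throw new IllegalArgumentException("CryptoBinary holds non-negative integers only");
        }
        byte[] bytes = value.toByteArray();
        // toByteArray() is two's complement: drop the leading 0x00 sign octet if present.
        if (bytes.length > 1 && bytes[0] == 0) {
            bytes = Arrays.copyOfRange(bytes, 1, bytes.length);
        }
        return Base64.getEncoder().encodeToString(bytes);
    }

    // ds:CryptoBinary text -> BigInteger. The MIME decoder skips line breaks in XML text.
    static BigInteger decode(String base64Value) {
        byte[] bytes = Base64.getMimeDecoder().decode(base64Value);
        return new BigInteger(1, bytes); // signum 1: treat the octets as unsigned
    }

    // Rebuild an RSA public key from the two CryptoBinary values of an RSAKeyValue.
    static PublicKey rsaKey(String modulusB64, String exponentB64) throws Exception {
        RSAPublicKeySpec spec = new RSAPublicKeySpec(decode(modulusB64), decode(exponentB64));
        return KeyFactory.getInstance("RSA").generatePublic(spec);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: a throwaway key pair generated at run time.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        RSAPublicKey original = (RSAPublicKey) kpg.generateKeyPair().getPublic();
        String modulus = encode(original.getModulus());
        String exponent = encode(original.getPublicExponent());
        // A 2048-bit modulus has its top bit set, so a signed parse goes negative.
        byte[] raw = Base64.getDecoder().decode(modulus);
        System.out.println("signed parse is negative: " + (new BigInteger(raw).signum() < 0));
        PublicKey rebuilt = rsaKey(modulus, exponent);
        System.out.println("round trip matches: "
                + Arrays.equals(rebuilt.getEncoded(), original.getEncoded()));
    }
}
```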

buildKey

protected static PublicKey buildKey(KeySpec keySpec,
                                    String keyAlgorithm)
                             throws KeyException
Generates a public key from the given key spec.

Parameters:
keySpec - KeySpec specification for the key
keyAlgorithm - key generation algorithm, only DSA and RSA supported
Returns:
the generated PublicKey
Throws:
KeyException - thrown if the key algorithm is not supported by the JCE or the key spec does not contain valid information

getX509CertFactory

protected static CertificateFactory getX509CertFactory()
                                                throws CertificateException
Get the Java certificate factory singleton.

Returns:
CertificateFactory the factory used to create X509 certificate objects
Throws:
CertificateException - thrown if the factory cannot be created

getLogger

private static Logger getLogger()
Get an SLF4J Logger.

Returns:
a Logger instance


Copyright © 1999-2012. All Rights Reserved.