public class X509KeyInfoGeneratorFactory.X509KeyInfoGenerator extends BasicKeyInfoGeneratorFactory.BasicKeyInfoGenerator

KeyInfoGenerator capable of handling the information contained within an X509Credential.

Modifier and Type | Field | Description |
---|---|---|
private org.opensaml.core.xml.XMLObjectBuilder<KeyInfo> | keyInfoBuilder | Builder for KeyInfo objects. |
private org.slf4j.Logger | log | Class logger. |
private X509KeyInfoGeneratorFactory.X509Options | options | The set of options to be used by the generator. |
private org.opensaml.core.xml.XMLObjectBuilder<X509Data> | x509DataBuilder | Builder for X509Data objects. |

Modifier | Constructor | Description |
---|---|---|
protected | X509KeyInfoGenerator(X509KeyInfoGeneratorFactory.X509Options newOptions) | Constructor. |

Modifier and Type | Method | Description |
---|---|---|
KeyInfo | generate(org.opensaml.security.credential.Credential credential) | |
protected String | getIssuerName(X509Certificate cert) | Get issuer name from a certificate, using the currently configured X500DNHandler and issuer DN output format. |
protected String | getSubjectName(X509Certificate cert) | Get subject name from a certificate, using the currently configured X500DNHandler and subject DN output format. |
protected void | processCertKeyNameOptions(KeyInfo keyInfo, X509Certificate cert) | Process the options related to generation of KeyName elements based on certificate data. |
protected void | processCertX509DataOptions(X509Data x509Data, X509Certificate cert) | Process the options related to generation of child elements of X509Data based on certificate data. |
protected void | processCertX509Digest(X509Data x509Data, X509Certificate cert) | Process the options related to generation of the X509Digest child element of X509Data based on certificate data. |
protected void | processCertX509IssuerSerial(X509Data x509Data, X509Certificate cert) | Process the options related to generation of the X509IssuerSerial child element of X509Data based on certificate data. |
protected void | processCertX509SKI(X509Data x509Data, X509Certificate cert) | Process the options related to generation of the X509SKI child element of X509Data based on certificate data. |
protected void | processCertX509SubjectName(X509Data x509Data, X509Certificate cert) | Process the options related to generation of the X509SubjectDN child element of X509Data based on certificate data. |
protected void | processCRLs(KeyInfo keyInfo, X509Data x509Data, org.opensaml.security.x509.X509Credential credential) | Process the value of X509Credential.getCRLs(). |
protected void | processEntityCertificate(KeyInfo keyInfo, X509Data x509Data, org.opensaml.security.x509.X509Credential credential) | Process the value of X509Credential.getEntityCertificate(). |
protected void | processEntityCertificateChain(KeyInfo keyInfo, X509Data x509Data, org.opensaml.security.x509.X509Credential credential) | Process the value of X509Credential.getEntityCertificateChain(). |
protected void | processSubjectAltNameKeyNames(KeyInfo keyInfo, X509Certificate cert) | Process the options related to generation of KeyName elements based on subject alternative name information within the certificate data. |
protected void | processSubjectCNKeyName(KeyInfo keyInfo, X509Certificate cert) | Process the options related to generation of KeyName elements based on the common name field(s) of the certificate's subject DN. |
protected void | processSubjectDNKeyName(KeyInfo keyInfo, X509Certificate cert) | Process the options related to generation of KeyName elements based on the certificate's subject DN value. |

Methods inherited from class BasicKeyInfoGeneratorFactory.BasicKeyInfoGenerator: processEntityID, processKeyNames, processPublicKey

private final org.slf4j.Logger log
private X509KeyInfoGeneratorFactory.X509Options options
private final org.opensaml.core.xml.XMLObjectBuilder<KeyInfo> keyInfoBuilder
private final org.opensaml.core.xml.XMLObjectBuilder<X509Data> x509DataBuilder

protected X509KeyInfoGenerator(X509KeyInfoGeneratorFactory.X509Options newOptions)
Parameters:
newOptions - the options to be used by the generator

@Nullable public KeyInfo generate(@Nullable org.opensaml.security.credential.Credential credential) throws org.opensaml.security.SecurityException
Specified by: generate in interface KeyInfoGenerator
Overrides: generate in class BasicKeyInfoGeneratorFactory.BasicKeyInfoGenerator
Throws:
org.opensaml.security.SecurityException

protected void processEntityCertificate(@Nonnull KeyInfo keyInfo, @Nonnull X509Data x509Data, @Nonnull org.opensaml.security.x509.X509Credential credential) throws org.opensaml.security.SecurityException
Process the value of X509Credential.getEntityCertificate().
Parameters:
keyInfo - the KeyInfo that is being built
x509Data - the X509Data that is being built
credential - the Credential that is being processed
Throws:
org.opensaml.security.SecurityException - thrown if the certificate data can not be encoded from the Java certificate object

protected void processCertX509DataOptions(@Nonnull X509Data x509Data, @Nonnull X509Certificate cert) throws org.opensaml.security.SecurityException
Parameters:
x509Data - the X509Data element being processed.
cert - the certificate being processed
Throws:
org.opensaml.security.SecurityException - if the certificate cannot be processed

protected void processCertKeyNameOptions(@Nonnull KeyInfo keyInfo, @Nonnull X509Certificate cert)
Parameters:
keyInfo - the KeyInfo element being processed.
cert - the certificate being processed

protected void processCertX509SubjectName(@Nonnull X509Data x509Data, @Nonnull X509Certificate cert)
Parameters:
x509Data - the X509Data element being processed.
cert - the certificate being processed

protected void processCertX509IssuerSerial(@Nonnull X509Data x509Data, @Nonnull X509Certificate cert)
Parameters:
x509Data - the X509Data element being processed.
cert - the certificate being processed

protected void processCertX509SKI(@Nonnull X509Data x509Data, @Nonnull X509Certificate cert)
Parameters:
x509Data - the X509Data element being processed.
cert - the certificate being processed

protected void processCertX509Digest(@Nonnull X509Data x509Data, @Nonnull X509Certificate cert) throws org.opensaml.security.SecurityException
Parameters:
x509Data - the X509Data element being processed.
cert - the certificate being processed
Throws:
org.opensaml.security.SecurityException - if certificate cannot be digested

@Nullable protected String getSubjectName(@Nullable X509Certificate cert)
Parameters:
cert - the certificate being processed

protected String getIssuerName(@Nullable X509Certificate cert)
Parameters:
cert - the certificate being processed

protected void processSubjectDNKeyName(@Nonnull KeyInfo keyInfo, @Nullable X509Certificate cert)
Parameters:
keyInfo - the KeyInfo element being processed.
cert - the certificate being processed

protected void processSubjectCNKeyName(@Nonnull KeyInfo keyInfo, @Nullable X509Certificate cert)
Parameters:
keyInfo - the KeyInfo element being processed.
cert - the certificate being processed

protected void processSubjectAltNameKeyNames(@Nonnull KeyInfo keyInfo, @Nullable X509Certificate cert)
Parameters:
keyInfo - the KeyInfo element being processed.
cert - the certificate being processed

protected void processEntityCertificateChain(@Nonnull KeyInfo keyInfo, @Nonnull X509Data x509Data, @Nonnull org.opensaml.security.x509.X509Credential credential) throws org.opensaml.security.SecurityException
Process the value of X509Credential.getEntityCertificateChain().
Parameters:
keyInfo - the KeyInfo that is being built
x509Data - the X509Data that is being built
credential - the Credential that is being processed
Throws:
org.opensaml.security.SecurityException - thrown if the certificate data can not be encoded from the Java certificate object

protected void processCRLs(@Nonnull KeyInfo keyInfo, @Nonnull X509Data x509Data, @Nonnull org.opensaml.security.x509.X509Credential credential) throws org.opensaml.security.SecurityException
Process the value of X509Credential.getCRLs().
Parameters:
keyInfo - the KeyInfo that is being built
x509Data - the X509Data that is being built
credential - the Credential that is being processed
Throws:
org.opensaml.security.SecurityException - thrown if the CRL data can not be encoded from the Java certificate object

Copyright © 1999–2020 Shibboleth Consortium. All rights reserved.