| Modifier and Type | Method and Description |
|---|---|
| `Crypto` | `SecurityActionToken.getCrypto()` |
| `Crypto` | `SignatureEncryptionActionToken.getCrypto()` |

| Modifier and Type | Method and Description |
|---|---|
| `void` | `BSPEnforcer.handleBSPRule(BSPRule bspRule)` |

| Modifier and Type | Method and Description |
|---|---|
| `protected void` | `Merlin.addTrustAnchors(Set<TrustAnchor> set, KeyStore keyStore)` Adds TrustAnchors found in the provided key store to the set. |
| `void` | `AlgorithmSuiteValidator.checkAsymmetricKeyLength(PublicKey publicKey)` Check the asymmetric key length |
| `void` | `AlgorithmSuiteValidator.checkAsymmetricKeyLength(X509Certificate x509Certificate)` Check the asymmetric key length |
| `void` | `AlgorithmSuiteValidator.checkAsymmetricKeyLength(X509Certificate[] x509Certificates)` Check the asymmetric key length |
| `void` | `AlgorithmSuiteValidator.checkC14nAlgorithm(String c14nAlgorithm)` Check the C14n Algorithm |
| `void` | `AlgorithmSuiteValidator.checkDerivedKeyAlgorithm(String algorithm)` Check Derived Key algorithm |
| `void` | `AlgorithmSuiteValidator.checkEncryptionDerivedKeyLength(int derivedKeyLength)` Check Encryption Derived Key length (in bytes) |
| `void` | `AlgorithmSuiteValidator.checkEncryptionKeyWrapAlgorithm(String keyWrapAlgorithm)` |
| `void` | `AlgorithmSuiteValidator.checkSignatureAlgorithms(XMLSignature xmlSignature)` Check the Signature Algorithms |
| `void` | `AlgorithmSuiteValidator.checkSignatureDerivedKeyLength(int derivedKeyLength)` Check Signature Derived Key length (in bytes) |
| `void` | `AlgorithmSuiteValidator.checkSignatureMethod(String signatureMethod)` Check the Signature Method |
| `void` | `AlgorithmSuiteValidator.checkSymmetricEncryptionAlgorithm(String symmetricAlgorithm)` |
| `void` | `AlgorithmSuiteValidator.checkSymmetricKeyLength(int secretKeyLength)` Check the symmetric key length |
| `void` | `DERDecoder.expect(byte val)` Confirm that the byte at the current position matches the given value. |
| `void` | `DERDecoder.expect(int val)` Confirm that the byte at the current position matches the given value. |
| `byte[]` | `DERDecoder.getBytes(int length)` Return an array of bytes from the current position. |
| `byte[]` | `CryptoBase.getBytesFromCertificates(X509Certificate[] certs)` Get a byte array given an array of X509 certificates. |
| `byte[]` | `Crypto.getBytesFromCertificates(X509Certificate[] certs)` Get a byte array given an array of X509 certificates. |
| `CertificateFactory` | `CryptoBase.getCertificateFactory()` Get the CertificateFactory instance on this Crypto instance |
| `CertificateFactory` | `Crypto.getCertificateFactory()` Get the CertificateFactory instance on this Crypto instance |
| `CertificateFactory` | `Merlin.getCertificateFactory()` Singleton certificate factory for this Crypto instance. |
| `X509Certificate[]` | `CryptoBase.getCertificatesFromBytes(byte[] data)` Construct an array of X509Certificates from the byte array. |
| `X509Certificate[]` | `Crypto.getCertificatesFromBytes(byte[] data)` Construct an array of X509Certificates from the byte array. |
| `String` | `CryptoBase.getDefaultX509Identifier()` Retrieves the identifier name of the default certificate. |
| `String` | `Crypto.getDefaultX509Identifier()` Retrieves the identifier name of the default certificate. |
| `String` | `Merlin.getDefaultX509Identifier()` Retrieves the identifier name of the default certificate. |
| `static Crypto` | `CryptoFactory.getInstance()` Returns an instance of Crypto. |
| `static Crypto` | `CryptoFactory.getInstance(Class<? extends Crypto> cryptoClass, Map<Object,Object> map)` Returns an instance of Crypto. |
| `static Crypto` | `CryptoFactory.getInstance(Properties properties)` Returns an instance of Crypto. |
| `static Crypto` | `CryptoFactory.getInstance(Properties properties, ClassLoader classLoader, PasswordEncryptor passwordEncryptor)` Returns an instance of Crypto loaded with the given classloader. |
| `static Crypto` | `CryptoFactory.getInstance(String propFilename)` Returns an instance of Crypto. |
| `static Crypto` | `CryptoFactory.getInstance(String propFilename, ClassLoader customClassLoader)` |
| `int` | `DERDecoder.getLength()` Get the DER length at the current position. |
| `protected byte[]` | `CryptoBase.getNameConstraints(X509Certificate cert)` Extracts the NameConstraints sequence from the certificate. |
| `PrivateKey` | `CertificateStore.getPrivateKey(PublicKey publicKey, CallbackHandler callbackHandler)` Gets the private key corresponding to the given PublicKey. |
| `PrivateKey` | `Crypto.getPrivateKey(PublicKey publicKey, CallbackHandler callbackHandler)` Gets the private key corresponding to the given PublicKey. |
| `PrivateKey` | `Merlin.getPrivateKey(PublicKey publicKey, CallbackHandler callbackHandler)` Gets the private key corresponding to the given PublicKey. |
| `PrivateKey` | `CertificateStore.getPrivateKey(String identifier, String password)` Gets the private key corresponding to the identifier. |
| `PrivateKey` | `Crypto.getPrivateKey(String identifier, String password)` Gets the private key corresponding to the identifier. |
| `PrivateKey` | `Merlin.getPrivateKey(String identifier, String password)` Gets the private key corresponding to the identifier. |
| `PrivateKey` | `CertificateStore.getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler)` Gets the private key corresponding to the certificate. |
| `PrivateKey` | `Crypto.getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler)` Gets the private key corresponding to the certificate. |
| `PrivateKey` | `Merlin.getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler)` Gets the private key corresponding to the certificate. |
| `static Properties` | `CryptoFactory.getProperties(String propFilename, ClassLoader loader)` This allows loading the resources with a custom class loader |
| `byte[]` | `CryptoBase.getSKIBytesFromCert(X509Certificate cert)` Reads the SubjectKeyIdentifier information from the certificate. |
| `byte[]` | `Crypto.getSKIBytesFromCert(X509Certificate cert)` Reads the SubjectKeyIdentifier information from the certificate. |
| `byte[]` | `X509SubjectPublicKeyInfo.getSubjectPublicKey()` Get the subjectPublicKey element of the SubjectPublicKeyInfo. |
| `X509Certificate[]` | `CertificateStore.getX509Certificates(CryptoType cryptoType)` Get an X509Certificate (chain) corresponding to the CryptoType argument. |
| `X509Certificate[]` | `Crypto.getX509Certificates(CryptoType cryptoType)` Get an X509Certificate (chain) corresponding to the CryptoType argument. |
| `X509Certificate[]` | `Merlin.getX509Certificates(CryptoType cryptoType)` Get an X509Certificate (chain) corresponding to the CryptoType argument. |
| `String` | `CertificateStore.getX509Identifier(X509Certificate cert)` Get the implementation-specific identifier corresponding to the cert parameter. |
| `String` | `Crypto.getX509Identifier(X509Certificate cert)` Get the implementation-specific identifier corresponding to the cert parameter, e.g. |
| `String` | `Merlin.getX509Identifier(X509Certificate cert)` Get the implementation-specific identifier corresponding to the cert parameter. |
| `protected KeyStore` | `Merlin.load(InputStream input, String storepass, String provider, String type)` Loads the keystore from an InputStream. |
| `X509Certificate` | `CryptoBase.loadCertificate(InputStream in)` Load an X509Certificate from the input stream. |
| `X509Certificate` | `Crypto.loadCertificate(InputStream in)` Load an X509Certificate from the input stream. |
| `static InputStream` | `Merlin.loadInputStream(ClassLoader loader, String location)` Load a KeyStore object as an InputStream, using the ClassLoader and location arguments |
| `void` | `Merlin.loadProperties(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)` |
| `void` | `MerlinDevice.loadProperties(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)` |
| `void` | `DERDecoder.skip(int length)` Advance the current position by the given number of bytes. |
| `boolean` | `DERDecoder.test(byte val)` Test if the byte at the current position matches the given value. |
| `void` | `CertificateStore.verifyTrust(PublicKey publicKey)` Evaluate whether a given public key should be trusted. |
| `void` | `Crypto.verifyTrust(PublicKey publicKey)` Evaluate whether a given public key should be trusted. |
| `void` | `Merlin.verifyTrust(PublicKey publicKey)` Evaluate whether a given public key should be trusted. |
| `protected void` | `CertificateStore.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints)` Evaluate whether a given certificate chain should be trusted. |
| `protected void` | `MerlinAKI.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints)` Evaluate whether a given certificate chain should be trusted. |
| `protected void` | `Merlin.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints)` Evaluate whether a given certificate chain should be trusted. |
| `void` | `CertificateStore.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints, Collection<Pattern> issuerCertConstraints)` |
| `void` | `Crypto.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints, Collection<Pattern> issuerCertConstraints)` Evaluate whether a given certificate chain should be trusted. |
| `void` | `Merlin.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints, Collection<Pattern> issuerCertConstraints)` |

| Constructor and Description |
|---|
| `DERDecoder(byte[] derEncoded)` Construct a DERDecoder for the given byte array. |
| `Merlin(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)` |
| `MerlinAKI(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)` |
| `MerlinDevice(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)` |
| `X509SubjectPublicKeyInfo(byte[] x509EncodedPublicKey)` Construct a SubjectPublicKeyInfo for the given X.509-encoded public key. |
| `X509SubjectPublicKeyInfo(PublicKey key)` Construct a SubjectPublicKeyInfo for the given public key. |

| Modifier and Type | Method and Description |
|---|---|
| `byte[]` | `ConversationConstants.DerivationAlgorithm.createKey(byte[] secret, byte[] seed, int offset, long length)` |
| `byte[]` | `P_SHA1.createKey(byte[] secret, byte[] seed, int offset, long length)` |
| `byte[]` | `DerivationAlgorithm.createKey(byte[] secret, byte[] seed, int offset, long length)` |
| `static byte[]` | `DerivedKeyUtils.deriveKey(String algorithm, String label, int length, byte[] secret, byte[] nonce, int offset)` Derive a key from this DerivedKeyToken instance |
| `static DerivationAlgorithm` | `AlgoFactory.getInstance(String algorithm)` This gives a DerivationAlgorithm instance from the default set of algorithms provided |

| Modifier and Type | Method and Description |
|---|---|
| `KerberosContext` | `KerberosClientExceptionAction.run()` |
| `KerberosServiceContext` | `KerberosServiceExceptionAction.run()` |

| Modifier and Type | Method and Description |
|---|---|
| `String` | `SamlAssertionWrapper.assertionToString()` Method assertionToString ... |
| `void` | `SamlAssertionWrapper.checkAudienceRestrictions(List<String> audienceRestrictions)` Check the AudienceRestrictions of the Assertion |
| `void` | `SamlAssertionWrapper.checkAuthnStatements(int futureTTL)` Check the various attributes of the AuthnStatements of the assertion (if any) |
| `void` | `SamlAssertionWrapper.checkConditions(int futureTTL)` Check the Conditions of the Assertion. |
| `void` | `SamlAssertionWrapper.checkIssueInstant(int futureTTL, int ttl)` Check the IssueInstant value of the Assertion. |
| `static org.opensaml.core.xml.XMLObject` | `OpenSAMLUtil.fromDom(Element root)` Convert a SAML Assertion from a DOM Element to an XMLObject |
| `static SAMLKeyInfo` | `SAMLUtil.getCredentialFromKeyInfo(Element keyInfoElement, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto)` This method returns a SAMLKeyInfo corresponding to the credential found in the KeyInfo (DOM Element) argument. |
| `static SAMLKeyInfo` | `SAMLUtil.getCredentialFromSubject(org.opensaml.saml.saml1.core.Assertion assertion, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto, CallbackHandler callbackHandler)` Get the SAMLKeyInfo object corresponding to the credential stored in the Subject of a SAML 1.1 assertion |
| `static SAMLKeyInfo` | `SAMLUtil.getCredentialFromSubject(org.opensaml.saml.saml2.core.Assertion assertion, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto, CallbackHandler callbackHandler)` Get the SAMLKeyInfo object corresponding to the credential stored in the Subject of a SAML 2 assertion |
| `static SAMLKeyInfo` | `SAMLUtil.getCredentialFromSubject(SamlAssertionWrapper samlAssertion, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto, CallbackHandler callbackHandler)` Parse a SAML Assertion to obtain a SAMLKeyInfo object from the Subject of the assertion |
| `org.opensaml.xmlsec.signature.Signature` | `SamlAssertionWrapper.getSignature()` |
| `byte[]` | `SamlAssertionWrapper.getSignatureValue()` Get the SignatureValue bytes of the signed SAML Assertion |
| `void` | `SamlAssertionWrapper.parseSubject(SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto, CallbackHandler callbackHandler)` This method parses the KeyInfo of the Subject. |
| `SAMLKeyInfo` | `SAMLKeyInfoProcessor.processSAMLKeyInfo(Element keyInfoElement)` |
| `void` | `SamlAssertionWrapper.signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue)` Create an enveloped signature on the assertion that has been created. |
| `void` | `SamlAssertionWrapper.signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue, String canonicalizationAlgorithm, String signatureAlgorithm)` Create an enveloped signature on the assertion that has been created. |
| `void` | `SamlAssertionWrapper.signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue, String canonicalizationAlgorithm, String signatureAlgorithm, String signatureDigestAlgorithm)` Create an enveloped signature on the assertion that has been created. |
| `Element` | `SamlAssertionWrapper.toDOM(Document doc)` Create a DOM from the current XMLObject content. |
| `static Element` | `OpenSAMLUtil.toDom(org.opensaml.core.xml.XMLObject xmlObject, Document doc)` Convert a SAML Assertion from an XMLObject to a DOM Element |
| `static Element` | `OpenSAMLUtil.toDom(org.opensaml.core.xml.XMLObject xmlObject, Document doc, boolean signObject)` Convert a SAML Assertion from an XMLObject to a DOM Element |
| `void` | `SamlAssertionWrapper.validateSignatureAgainstProfile()` Validate the signature of the Assertion against the Profile. |
| `void` | `SamlAssertionWrapper.verifySignature(SAMLKeyInfo samlKeyInfo)` Verify the signature of this assertion |
| `void` | `SamlAssertionWrapper.verifySignature(SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto)` Verify the signature of this assertion |

| Constructor and Description |
|---|
| `SamlAssertionWrapper(Element element)` Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance. |
| `SamlAssertionWrapper(SAMLCallback samlCallback)` Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance. |
| `SamlAssertionWrapper(org.opensaml.saml.common.SAMLObject samlObject)` Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance. |

| Modifier and Type | Method and Description |
|---|---|
| `static org.opensaml.saml.saml2.core.Advice` | `SAML2ComponentBuilder.createAdvice(AdviceBean adviceBean)` Create an Advice object |
| `static org.opensaml.saml.saml1.core.Advice` | `SAML1ComponentBuilder.createAdvice(AdviceBean adviceBean)` Create an Advice object |
| `static org.opensaml.xmlsec.signature.KeyInfo` | `SAML1ComponentBuilder.createKeyInfo(KeyInfoBean keyInfo)` Create an OpenSAML KeyInfo object from the parameters |
| `static org.opensaml.saml.saml1.core.Subject` | `SAML1ComponentBuilder.createSaml1v1Subject(SubjectBean subjectBean)` Create a SAML Subject from a SubjectBean instance |
| `static org.opensaml.saml.saml2.core.Subject` | `SAML2ComponentBuilder.createSaml2Subject(SubjectBean subjectBean)` Create a Subject. |
| `static List<org.opensaml.saml.saml1.core.AttributeStatement>` | `SAML1ComponentBuilder.createSamlv1AttributeStatement(List<AttributeStatementBean> attributeData)` Create SAML 1.1 attribute statement(s) |
| `static List<org.opensaml.saml.saml1.core.AuthenticationStatement>` | `SAML1ComponentBuilder.createSamlv1AuthenticationStatement(List<AuthenticationStatementBean> authBeans)` Create SAML 1.1 authentication statement(s) |
| `static List<org.opensaml.saml.saml1.core.AuthorizationDecisionStatement>` | `SAML1ComponentBuilder.createSamlv1AuthorizationDecisionStatement(List<AuthDecisionStatementBean> decisionData)` Create SAML 1.1 Authorization Decision Statement(s) |
| `static org.opensaml.saml.saml2.core.SubjectConfirmationData` | `SAML2ComponentBuilder.createSubjectConfirmationData(SubjectConfirmationDataBean subjectConfirmationDataBean, KeyInfoBean keyInfoBean)` Create a SubjectConfirmationData object |

| Modifier and Type | Method and Description |
|---|---|
| `void` | `SpnegoTokenContext.retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName)` Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken. |
| `void` | `SpnegoTokenContext.retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm)` Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken. |
| `void` | `SpnegoTokenContext.retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegationCredential)` Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken. |
| `byte[]` | `SpnegoTokenContext.unwrapKey(byte[] secret)` Unwrap a key |
| `void` | `SpnegoTokenContext.validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, byte[] ticket)` Validate a service ticket. |
| `void` | `SpnegoTokenContext.validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, byte[] ticket)` Validate a service ticket. |
| `byte[]` | `SpnegoTokenContext.wrapKey(byte[] secret)` Wrap a key |

| Modifier and Type | Method and Description |
|---|---|
| `X509Certificate[]` | `SecurityTokenReference.getKeyIdentifier(Crypto crypto)` Gets the KeyIdentifier. |
| `Reference` | `SecurityTokenReference.getReference()` Gets the Reference. |
| `X509Certificate` | `X509Security.getX509Certificate(Crypto crypto)` Gets the X509Certificate certificate. |
| `X509Certificate[]` | `PKIPathSecurity.getX509Certificates(Crypto crypto)` Get the X509Certificate array. |
| `X509Certificate[]` | `SecurityTokenReference.getX509IssuerSerial(Crypto crypto)` Gets the certificate identified with X509 issuerSerial data. |
| `X509Certificate` | `SecurityTokenReference.getX509SKIAlias(Crypto crypto)` |
| `void` | `SecurityTokenReference.setKeyIdentifier(String valueType, String keyIdVal)` |
| `void` | `SecurityTokenReference.setKeyIdentifier(String valueType, String keyIdVal, boolean base64)` |
| `void` | `SecurityTokenReference.setKeyIdentifier(X509Certificate cert)` Sets the KeyIdentifier Element as an X509 certificate. |
| `void` | `SecurityTokenReference.setKeyIdentifierEncKeySHA1(String value)` |
| `void` | `SecurityTokenReference.setKeyIdentifierSKI(X509Certificate cert, Crypto crypto)` Sets the KeyIdentifier Element as an X509 Subject-Key-Identifier (SKI). |
| `void` | `SecurityTokenReference.setKeyIdentifierThumb(X509Certificate cert)` Sets the KeyIdentifier Element as a Thumbprint. |
| `void` | `BinarySecurity.setToken(byte[] data)` Set the token information. |
| `void` | `X509Security.setX509Certificate(X509Certificate cert)` Sets the X509Certificate. |
| `void` | `PKIPathSecurity.setX509Certificates(X509Certificate[] certs, Crypto crypto)` Set the X509Certificate array. |

| Constructor and Description |
|---|
| `BinarySecurity(CallbackHandler callbackHandler)` Create a BinarySecurityToken via a CallbackHandler |
| `BinarySecurity(Element elem, BSPEnforcer bspEnforcer)` Constructor. |
| `DOMX509Data(Element x509DataElement)` Constructor. |
| `PKIPathSecurity(Element elem, BSPEnforcer bspEnforcer)` Constructor. |
| `Reference(Element elem)` Constructor. |
| `SecurityTokenReference(Element elem, BSPEnforcer bspEnforcer)` Constructor. |
| `X509Security(Element elem, BSPEnforcer bspEnforcer)` This constructor creates a new X509 certificate object and initializes it from the data contained in the element. |

| Modifier and Type | Method and Description |
|---|---|
| `static byte[]` | `UsernameTokenUtil.generateDerivedKey(byte[] password, byte[] salt, int iteration)` This static method generates a derived key as defined in WSS Username Token Profile. |
| `static byte[]` | `UsernameTokenUtil.generateDerivedKey(String password, byte[] salt, int iteration)` This static method generates a derived key as defined in WSS Username Token Profile. |
| `static byte[]` | `KeyUtils.generateDigest(byte[] inputBytes)` Generate a (SHA1) digest of the input bytes. |
| `static String` | `AttachmentUtils.getAttachmentId(String xopUri)` |
| `static byte[]` | `AttachmentUtils.getBytesFromAttachment(String xopUri, CallbackHandler attachmentCallbackHandler, boolean removeAttachments)` |
| `static Cipher` | `KeyUtils.getCipherInstance(String cipherAlgo)` Translate the "cipherAlgo" URI to a JCE ID, and return a javax.crypto.Cipher instance of this type. |
| `static Cipher` | `KeyUtils.getCipherInstance(String cipherAlgo, String provider)` Translate the "cipherAlgo" URI to a JCE ID, and request a javax.crypto.Cipher instance of this type from the given provider. |
| `static KeyGenerator` | `KeyUtils.getKeyGenerator(String algorithm)` |
| `static int` | `KeyUtils.getKeyLength(String algorithm)` Returns the length of the key in # of bytes. |
| `static InputStream` | `Loader.loadInputStream(ClassLoader loader, String resource)` |
| `static void` | `AttachmentUtils.readAndReplaceEncryptedAttachmentHeaders(Map<String,String> headers, InputStream attachmentInputStream)` |
| `static InputStream` | `AttachmentUtils.setupAttachmentDecryptionStream(String encAlgo, Cipher cipher, Key key, InputStream inputStream)` |
| `static InputStream` | `AttachmentUtils.setupAttachmentEncryptionStream(Cipher cipher, boolean complete, Attachment attachment, Map<String,String> headers)` |

Copyright © 2004–2019 The Apache Software Foundation. All rights reserved.