org.opensaml.saml.saml2.encryption

Class Decrypter

java.lang.Object

org.opensaml.xmlsec.encryption.support.Decrypter

org.opensaml.saml.saml2.encryption.Decrypter

public class Decrypter
extends Decrypter

Class which implements SAML2-specific options for EncryptedElementType objects.

For information on other parameters and options, and general XML Encryption issues, see Decrypter.

Field Summary

Fields

Modifier and Type	Field and Description
private Logger	log Class logger.

Constructor Summary

Constructors

Constructor and Description
Decrypter(DecryptionParameters params) Constructor.
Decrypter(KeyInfoCredentialResolver newResolver, KeyInfoCredentialResolver newKEKResolver, EncryptedKeyResolver newEncKeyResolver) Constructor.
Decrypter(KeyInfoCredentialResolver newResolver, KeyInfoCredentialResolver newKEKResolver, EncryptedKeyResolver newEncKeyResolver, Collection<String> whitelistAlgos, Collection<String> blacklistAlgos) Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
Assertion	decrypt(EncryptedAssertion encryptedAssertion) Decrypt the specified EncryptedAssertion.
Attribute	decrypt(EncryptedAttribute encryptedAttribute) Decrypt the specified EncryptedAttribute.
SAMLObject	decrypt(EncryptedID encryptedID) Decrypt the specified EncryptedID.
NewID	decrypt(NewEncryptedID newEncryptedID) Decrypt the specified NewEncryptedID.
private SAMLObject	decryptData(EncryptedElementType encElement) Decrypt the specified instance of EncryptedElementType, and return it as an instance of the specified QName.

Methods inherited from class org.opensaml.xmlsec.encryption.support.Decrypter

buildParserPool, checkAndMarshall, decryptData, decryptData, decryptDataToDOM, decryptDataToDOM, decryptDataToList, decryptDataToList, decryptKey, decryptKey, getJCAProviderName, getKEKResolverCriteria, getKeyResolverCriteria, isRootInNewDocument, preProcessEncryptedKey, setJCAProviderName, setKEKResolverCriteria, setKeyResolverCriteria, setRootInNewDocument, validateAlgorithms, validateAlgorithms, validateAlgorithmURI

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

log

private final Logger log

Class logger.

Constructor Detail

Decrypter

public Decrypter(DecryptionParameters params)

Constructor.

Parameters:

params - decryption parameters to use

Decrypter

public Decrypter(@Nullable
         KeyInfoCredentialResolver newResolver,
         @Nullable
         KeyInfoCredentialResolver newKEKResolver,
         @Nullable
         EncryptedKeyResolver newEncKeyResolver)

Constructor.

Parameters:

newResolver - resolver for data encryption keys.

newKEKResolver - resolver for key encryption keys.

newEncKeyResolver - resolver for EncryptedKey elements

Decrypter

public Decrypter(@Nullable
         KeyInfoCredentialResolver newResolver,
         @Nullable
         KeyInfoCredentialResolver newKEKResolver,
         @Nullable
         EncryptedKeyResolver newEncKeyResolver,
         @Nullable
         Collection<String> whitelistAlgos,
         @Nullable
         Collection<String> blacklistAlgos)

Constructor.

Parameters:

newResolver - resolver for data encryption keys.

newKEKResolver - resolver for key encryption keys.

newEncKeyResolver - resolver for EncryptedKey elements

whitelistAlgos - collection of whitelisted algorithm URIs

blacklistAlgos - collection of blacklisted algorithm URIs

Method Detail

decrypt

public Assertion decrypt(@Nonnull
                EncryptedAssertion encryptedAssertion)
                  throws DecryptionException

Decrypt the specified EncryptedAssertion.

Parameters:

encryptedAssertion - the EncryptedAssertion to decrypt

Returns:

an Assertion

Throws:

DecryptionException - thrown when decryption generates an error

decrypt

public Attribute decrypt(@Nonnull
                EncryptedAttribute encryptedAttribute)
                  throws DecryptionException

Decrypt the specified EncryptedAttribute.

Parameters:

encryptedAttribute - the EncryptedAttribute to decrypt

Returns:

an Attribute

Throws:

DecryptionException - thrown when decryption generates an error

decrypt

public SAMLObject decrypt(@Nonnull
                 EncryptedID encryptedID)
                   throws DecryptionException

Decrypt the specified EncryptedID.

Note that an EncryptedID can contain a NameID, an Assertion or a BaseID. It is up to the caller to determine the type of the resulting SAMLObject.

Parameters:

encryptedID - the EncryptedID to decrypt

Returns:

an XMLObject

Throws:

DecryptionException - thrown when decryption generates an error

decrypt

public NewID decrypt(@Nonnull
            NewEncryptedID newEncryptedID)
              throws DecryptionException

Decrypt the specified NewEncryptedID.

Parameters:

newEncryptedID - the NewEncryptedID to decrypt

Returns:

a NewID

Throws:

DecryptionException - thrown when decryption generates an error

decryptData

private SAMLObject decryptData(@Nonnull
                     EncryptedElementType encElement)
                        throws DecryptionException

Decrypt the specified instance of EncryptedElementType, and return it as an instance of the specified QName.

Parameters:

encElement - the EncryptedElementType to decrypt

Returns:

the decrypted SAMLObject

Throws:

DecryptionException - thrown when decryption generates an error