Package org.opensaml.saml.saml2.encryption

Class Decrypter

java.lang.Object

org.opensaml.xmlsec.encryption.support.Decrypter

org.opensaml.saml.saml2.encryption.Decrypter

public class Decrypter
extends Decrypter

Class which implements SAML2-specific options for EncryptedElementType objects.

For information on other parameters and options, and general XML Encryption issues, see Decrypter.

Field Summary

Fields

Modifier and Type	Field	Description
private org.slf4j.Logger	log	Class logger.

Constructor Summary

Constructors

Constructor	Description
Decrypter(DecryptionParameters params)	Constructor.
Decrypter(KeyInfoCredentialResolver newResolver, KeyInfoCredentialResolver newKEKResolver, EncryptedKeyResolver newEncKeyResolver)	Constructor.
Decrypter(KeyInfoCredentialResolver newResolver, KeyInfoCredentialResolver newKEKResolver, EncryptedKeyResolver newEncKeyResolver, Collection<String> includeAlgos, Collection<String> excludeAlgos)	Constructor.

Method Summary

Modifier and Type	Method	Description
Assertion	decrypt(EncryptedAssertion encryptedAssertion)	Decrypt the specified EncryptedAssertion.
Attribute	decrypt(EncryptedAttribute encryptedAttribute)	Decrypt the specified EncryptedAttribute.
SAMLObject	decrypt(EncryptedID encryptedID)	Decrypt the specified EncryptedID.
NewID	decrypt(NewEncryptedID newEncryptedID)	Decrypt the specified NewEncryptedID.
private SAMLObject	decryptData(EncryptedElementType encElement)	Decrypt the specified instance of EncryptedElementType, and return it as an instance of the specified QName.
private void	logPostDecryption(XMLObject xmlObject)	Log the target object after decryption.

Methods inherited from class org.opensaml.xmlsec.encryption.support.Decrypter

buildParserPool, checkAndMarshall, decryptData, decryptData, decryptDataToDOM, decryptDataToDOM, decryptDataToList, decryptDataToList, decryptKey, decryptKey, getJCAProviderName, getKEKResolverCriteria, getKeyResolverCriteria, isRootInNewDocument, preProcessEncryptedKey, setJCAProviderName, setKEKResolverCriteria, setKeyResolverCriteria, setRootInNewDocument, validateAlgorithms, validateAlgorithms, validateAlgorithmURI

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

log

private final org.slf4j.Logger log

Class logger.

Constructor Detail

Decrypter

public Decrypter(DecryptionParameters params)

Constructor.

Parameters:

params - decryption parameters to use

Decrypter

public Decrypter(@Nullable
                 KeyInfoCredentialResolver newResolver,
                 @Nullable
                 KeyInfoCredentialResolver newKEKResolver,
                 @Nullable
                 EncryptedKeyResolver newEncKeyResolver)

Constructor.

Parameters:

newResolver - resolver for data encryption keys.

newKEKResolver - resolver for key encryption keys.

newEncKeyResolver - resolver for EncryptedKey elements

Decrypter

public Decrypter(@Nullable
                 KeyInfoCredentialResolver newResolver,
                 @Nullable
                 KeyInfoCredentialResolver newKEKResolver,
                 @Nullable
                 EncryptedKeyResolver newEncKeyResolver,
                 @Nullable
                 Collection<String> includeAlgos,
                 @Nullable
                 Collection<String> excludeAlgos)

Constructor.

Parameters:

newResolver - resolver for data encryption keys.

newKEKResolver - resolver for key encryption keys.

newEncKeyResolver - resolver for EncryptedKey elements

includeAlgos - collection of included algorithm URIs

excludeAlgos - collection of excluded algorithm URIs

Method Detail

decrypt

public Assertion decrypt(@Nonnull
                         EncryptedAssertion encryptedAssertion)
                  throws DecryptionException

Decrypt the specified EncryptedAssertion.

Parameters:

encryptedAssertion - the EncryptedAssertion to decrypt

Returns:

an Assertion

Throws:

DecryptionException - thrown when decryption generates an error

decrypt

public Attribute decrypt(@Nonnull
                         EncryptedAttribute encryptedAttribute)
                  throws DecryptionException

Decrypt the specified EncryptedAttribute.

Parameters:

encryptedAttribute - the EncryptedAttribute to decrypt

Returns:

an Attribute

Throws:

DecryptionException - thrown when decryption generates an error

decrypt

public SAMLObject decrypt(@Nonnull
                          EncryptedID encryptedID)
                   throws DecryptionException

Decrypt the specified EncryptedID.

Note that an EncryptedID can contain a NameID, an Assertion or a BaseID. It is up to the caller to determine the type of the resulting SAMLObject.

Parameters:

encryptedID - the EncryptedID to decrypt

Returns:

an XMLObject

Throws:

DecryptionException - thrown when decryption generates an error

decrypt

public NewID decrypt(@Nonnull
                     NewEncryptedID newEncryptedID)
              throws DecryptionException

Decrypt the specified NewEncryptedID.

Parameters:

newEncryptedID - the NewEncryptedID to decrypt

Returns:

a NewID

Throws:

DecryptionException - thrown when decryption generates an error

decryptData

private SAMLObject decryptData(@Nonnull
                               EncryptedElementType encElement)
                        throws DecryptionException

Decrypt the specified instance of EncryptedElementType, and return it as an instance of the specified QName.

Parameters:

encElement - the EncryptedElementType to decrypt

Returns:

the decrypted SAMLObject

Throws:

DecryptionException - thrown when decryption generates an error

logPostDecryption

private void logPostDecryption(XMLObject xmlObject)

Log the target object after decryption.

Parameters:

xmlObject - the decrypted XMLObject