Class AgreementMethodKeyInfoProvider

    • Field Detail

      • log

        private final org.slf4j.Logger log
        Logger.
    • Constructor Detail

      • AgreementMethodKeyInfoProvider

        public AgreementMethodKeyInfoProvider()
    • Method Detail

      • handles

        public boolean handles​(@Nonnull
                               XMLObject keyInfoChild)
        Evaluate whether the given provider should attempt to handle resolving a credential from the specified KeyInfo child. An evaluation of true does not guarantee that a credential can or will be extracted from the particular KeyInfo child, only that processing should be attempted.
        Parameters:
        keyInfoChild - the KeyInfo child object to consider
        Returns:
        true if the provider should attempt to resolve credentials, false otherwise
      • process

        @Nullable
        public Collection<Credential> process​(@Nonnull
                                              KeyInfoCredentialResolver resolver,
                                              @Nonnull
                                              XMLObject keyInfoChild,
                                              @Nullable
                                              CriteriaSet criteriaSet,
                                              @Nonnull
                                              KeyInfoResolutionContext kiContext)
                                       throws SecurityException
        Process a specified KeyInfo child (XMLObject) and attempt to resolve a credential from it.
        Parameters:
        resolver - reference to a resolver which is calling the provider
        keyInfoChild - the KeyInfo child being processed
        criteriaSet - the credential criteria the credential must satisfy
        kiContext - the resolution context, used for sharing state amongst resolvers and providers
        Returns:
        a resolved Credential collection, or null
        Throws:
        SecurityException - if there is an error during credential resolution. Note: failure to resolve a credential is not an error.
      • resolveKeyAlgorithm

        @Nonnull
        private String resolveKeyAlgorithm​(@Nonnull
                                           AgreementMethod agreementMethod)
                                    throws SecurityException
        Resolve the encryption algorithm URI to be used with the derived key.

        This comes from the AgreementMethod's grandparent's EncryptionMethod child element.

        Parameters:
        agreementMethod - the AgreementMethod to process
        Returns:
        the encryption algorithm URI
        Throws:
        SecurityException - if the algorithm URI cannot be resolved
      • resolveOriginatorCredential

        @Nonnull
        private Credential resolveOriginatorCredential​(@Nonnull
                                                       AgreementMethod agreementMethod,
                                                       @Nonnull
                                                       KeyInfoCredentialResolver resolver)
                                                throws SecurityException
        Resolve the originator Credential from the OriginatorKeyInfo element.

        This will be the public key credential from the encrypting party.

        Parameters:
        agreementMethod - the AgreementMethod to process
        resolver - the KeyInfoCredentialResolver to use
        Returns:
        the originator credential
        Throws:
        SecurityException - if the originator credential cannot be resolved
      • resolveRecipientCredential

        @Nonnull
        private Credential resolveRecipientCredential​(@Nonnull
                                                      AgreementMethod agreementMethod,
                                                      @Nonnull
                                                      KeyInfoCredentialResolver resolver)
                                               throws SecurityException
        Resolve the recipient Credential from the RecipientKeyInfo element.

        This will be the private key credential from the decrypting party (this party).

        Parameters:
        agreementMethod - the AgreementMethod to process
        resolver - the KeyInfoCredentialResolver to use
        Returns:
        the recipient credential
        Throws:
        SecurityException - if the recipient credential cannot be resolved or does not contain a private key
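
The element walk implied by the resolveKeyAlgorithm description (AgreementMethod, then its parent KeyInfo, then the grandparent's EncryptionMethod child), shown as an added example using only the JDK DOM API. It is not OpenSAML's implementation; the class name AgreementMethodWalk, the constructed sample XML, and the use of IllegalStateException in place of SecurityException are assumptions made here.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

public class AgreementMethodWalk {  // hypothetical class name, not part of OpenSAML
    static final String XENC = "http://www.w3.org/2001/04/xmlenc#";

    // Constructed sample: key material and CipherData are omitted for brevity.
    static final String SAMPLE =
        "<xenc:EncryptedKey xmlns:xenc='" + XENC + "' xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>"
      + "<xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#kw-aes128'/>"
      + "<ds:KeyInfo><xenc:AgreementMethod Algorithm='http://www.w3.org/2009/xmlenc11#ECDH-ES'>"
      + "<xenc:OriginatorKeyInfo/><xenc:RecipientKeyInfo/>"
      + "</xenc:AgreementMethod></ds:KeyInfo></xenc:EncryptedKey>";

    /** Returns the Algorithm URI of the EncryptionMethod child of the AgreementMethod's grandparent. */
    static String resolveKeyAlgorithm(Element agreementMethod) {
        Node keyInfo = agreementMethod.getParentNode();
        Node grandparent = keyInfo == null ? null : keyInfo.getParentNode();
        if (!(grandparent instanceof Element)) {
            throw new IllegalStateException("AgreementMethod has no grandparent element");
        }
        // Only direct children count: a nested EncryptionMethod belongs to another element.
        for (Node n = grandparent.getFirstChild(); n != null; n = n.getNextSibling()) {
            if (n instanceof Element && XENC.equals(n.getNamespaceURI())
                    && "EncryptionMethod".equals(n.getLocalName())) {
                String uri = ((Element) n).getAttribute("Algorithm");
                if (!uri.isEmpty()) return uri;
            }
        }
        throw new IllegalStateException("No EncryptionMethod Algorithm on grandparent");
    }

    public static void main(String[] args) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        // Untrusted XML: enable secure processing and refuse DOCTYPE declarations.
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Element root = dbf.newDocumentBuilder()
            .parse(new ByteArrayInputStream(SAMPLE.getBytes(StandardCharsets.UTF_8)))
            .getDocumentElement();
        Element am = (Element) root.getElementsByTagNameNS(XENC, "AgreementMethod").item(0);
        System.out.println(resolveKeyAlgorithm(am));
    }
}
```

The walk fails closed: when the AgreementMethod is not nested two levels below an element carrying an EncryptionMethod with a non-empty Algorithm attribute, it throws rather than falling back to a default algorithm.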