Class X509KeyInfoGeneratorFactory.X509KeyInfoGenerator

java.lang.Object
org.opensaml.xmlsec.keyinfo.impl.BasicKeyInfoGeneratorFactory.BasicKeyInfoGenerator
org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory.X509KeyInfoGenerator
All Implemented Interfaces:
KeyInfoGenerator
Enclosing class:
X509KeyInfoGeneratorFactory

public class X509KeyInfoGeneratorFactory.X509KeyInfoGenerator extends BasicKeyInfoGeneratorFactory.BasicKeyInfoGenerator
An implementation of KeyInfoGenerator capable of handling the information contained within an X509Credential.
  • Method Details

    • generate

      @Nullable public KeyInfo generate(@Nullable Credential credential) throws SecurityException
      Generate a new KeyInfo object based on keying material and other information within a credential.
      Specified by:
      generate in interface KeyInfoGenerator
      Overrides:
      generate in class BasicKeyInfoGeneratorFactory.BasicKeyInfoGenerator
      Parameters:
      credential - the credential containing keying material and possibly other information
      Returns:
      a new KeyInfo object or null if nothing was generated
      Throws:
      SecurityException - thrown if there is any error generating the new KeyInfo from the credential
    • processEntityCertificate

      protected void processEntityCertificate(@Nonnull KeyInfo keyInfo, @Nonnull X509Data x509Data, @Nonnull X509Credential credential) throws SecurityException
      Parameters:
      keyInfo - the KeyInfo that is being built
      x509Data - the X509Data that is being built
      credential - the Credential that is being processed
      Throws:
      SecurityException - thrown if the certificate data cannot be encoded from the Java certificate object
    • processCertX509DataOptions

      protected void processCertX509DataOptions(@Nonnull X509Data x509Data, @Nonnull X509Certificate cert) throws SecurityException
      Process the options related to generation of child elements of X509Data based on certificate data.
      Parameters:
      x509Data - the X509Data element being processed.
      cert - the certificate being processed
      Throws:
      SecurityException - if the certificate cannot be processed
    • processCertKeyNameOptions

      protected void processCertKeyNameOptions(@Nonnull KeyInfo keyInfo, @Nonnull X509Certificate cert)
      Process the options related to generation of KeyName elements based on certificate data.
      Parameters:
      keyInfo - the KeyInfo element being processed.
      cert - the certificate being processed
    • processCertX509SubjectName

      protected void processCertX509SubjectName(@Nonnull X509Data x509Data, @Nonnull X509Certificate cert)
      Process the options related to generation of the X509SubjectDN child element of X509Data based on certificate data.
      Parameters:
      x509Data - the X509Data element being processed.
      cert - the certificate being processed
    • processCertX509IssuerSerial

      protected void processCertX509IssuerSerial(@Nonnull X509Data x509Data, @Nonnull X509Certificate cert)
      Process the options related to generation of the X509IssuerSerial child element of X509Data based on certificate data.
      Parameters:
      x509Data - the X509Data element being processed.
      cert - the certificate being processed
    • processCertX509SKI

      protected void processCertX509SKI(@Nonnull X509Data x509Data, @Nonnull X509Certificate cert) throws SecurityException
      Process the options related to generation of the X509SKI child element of X509Data based on certificate data.
      Parameters:
      x509Data - the X509Data element being processed.
      cert - the certificate being processed
      Throws:
      SecurityException - if there is an error in generating the subject key identifier
    • processCertX509Digest

      protected void processCertX509Digest(@Nonnull X509Data x509Data, @Nonnull X509Certificate cert) throws SecurityException
      Process the options related to generation of the X509Digest child element of X509Data based on certificate data.
      Parameters:
      x509Data - the X509Data element being processed.
      cert - the certificate being processed
      Throws:
      SecurityException - if certificate cannot be digested
    • getSubjectName

      @Nullable protected String getSubjectName(@Nullable X509Certificate cert)
      Get subject name from a certificate, using the currently configured X500DNHandler and subject DN output format.
      Parameters:
      cert - the certificate being processed
      Returns:
      the subject name
    • getIssuerName

      protected String getIssuerName(@Nullable X509Certificate cert)
      Get issuer name from a certificate, using the currently configured X500DNHandler and issuer DN output format.
      Parameters:
      cert - the certificate being processed
      Returns:
      the issuer name
    • processSubjectDNKeyName

      protected void processSubjectDNKeyName(@Nonnull KeyInfo keyInfo, @Nullable X509Certificate cert)
      Process the options related to generation of KeyName elements based on the certificate's subject DN value.
      Parameters:
      keyInfo - the KeyInfo element being processed.
      cert - the certificate being processed
    • processSubjectCNKeyName

      protected void processSubjectCNKeyName(@Nonnull KeyInfo keyInfo, @Nullable X509Certificate cert)
      Process the options related to generation of KeyName elements based on the common name field(s) of the certificate's subject DN.
      Parameters:
      keyInfo - the KeyInfo element being processed.
      cert - the certificate being processed
    • processSubjectAltNameKeyNames

      protected void processSubjectAltNameKeyNames(@Nonnull KeyInfo keyInfo, @Nullable X509Certificate cert)
      Process the options related to generation of KeyName elements based on subject alternative name information within the certificate data.
      Parameters:
      keyInfo - the KeyInfo element being processed.
      cert - the certificate being processed
    • processEntityCertificateChain

      protected void processEntityCertificateChain(@Nonnull KeyInfo keyInfo, @Nonnull X509Data x509Data, @Nonnull X509Credential credential) throws SecurityException
      Parameters:
      keyInfo - the KeyInfo that is being built
      x509Data - the X509Data that is being built
      credential - the Credential that is being processed
      Throws:
      SecurityException - thrown if the certificate data cannot be encoded from the Java certificate object
    • processCRLs

      protected void processCRLs(@Nonnull KeyInfo keyInfo, @Nonnull X509Data x509Data, @Nonnull X509Credential credential) throws SecurityException
      Process the value of X509Credential.getCRLs().
      Parameters:
      keyInfo - the KeyInfo that is being built
      x509Data - the X509Data that is being built
      credential - the Credential that is being processed
      Throws:
      SecurityException - thrown if the CRL data cannot be encoded from the Java certificate object