Class AgreementMethodKeyInfoProvider

java.lang.Object
org.opensaml.xmlsec.keyinfo.impl.provider.AbstractKeyInfoProvider
org.opensaml.xmlsec.keyinfo.impl.provider.AgreementMethodKeyInfoProvider
All Implemented Interfaces:
KeyInfoProvider

public class AgreementMethodKeyInfoProvider extends AbstractKeyInfoProvider
Implementation of KeyInfoProvider which supports AgreementMethod.
  • Field Details

    • log

      private final org.slf4j.Logger log
      Logger.
    • parametersParser

      private final KeyAgreementParametersParser parametersParser
      Parser for AgreementMethod parameters.
  • Constructor Details

    • AgreementMethodKeyInfoProvider

      public AgreementMethodKeyInfoProvider()
  • Method Details

    • handles

      public boolean handles(@Nonnull XMLObject keyInfoChild)
      Evaluate whether the given provider should attempt to handle resolving a credential from the specified KeyInfo child. An evaluation of true does not guarantee that a credential can or will be extracted from the particular KeyInfo child, only that processing should be attempted.
      Parameters:
      keyInfoChild - the KeyInfo child object to consider
      Returns:
      true if the provider should attempt to resolve credentials, false otherwise
    • process

      @Nullable public Collection<Credential> process(@Nonnull KeyInfoCredentialResolver resolver, @Nonnull XMLObject keyInfoChild, @Nullable CriteriaSet criteriaSet, @Nonnull KeyInfoResolutionContext kiContext) throws SecurityException
      Process a specified KeyInfo child (XMLObject) and attempt to resolve a credential from it.
      Parameters:
      resolver - reference to a resolver which is calling the provider
      keyInfoChild - the KeyInfo child being processed
      criteriaSet - the credential criteria the credential must satisfy
      kiContext - the resolution context, used for sharing state amongst resolvers and providers
      Returns:
      a resolved Credential collection, or null
      Throws:
      SecurityException - if there is an error during credential resolution. Note: failure to resolve a credential is not an error.
    • resolveKeyAlgorithm

      @Nonnull private String resolveKeyAlgorithm(@Nonnull AgreementMethod agreementMethod) throws SecurityException
      Resolve the encryption algorithm URI to be used with the derived key.

      This comes from the AgreementMethod's grandparent's EncryptionMethod child element.

      Parameters:
      agreementMethod - the AgreementMethod to process
      Returns:
      the encryption algorithm URI
      Throws:
      SecurityException - if the algorithm URI can not be resolved
    • resolveOriginatorCredential

      @Nonnull private Credential resolveOriginatorCredential(@Nonnull AgreementMethod agreementMethod, @Nonnull KeyInfoCredentialResolver resolver) throws SecurityException
      Resolve the originator Credential from the OriginatorKeyInfo element.

      This will be the public key credential from the encrypting party.

      Parameters:
      agreementMethod - the AgreementMethod to process
      resolver - the KeyInfoCredentialResolver to use
      Returns:
      the originator credential
      Throws:
      SecurityException - if the originator credential can not be resolved
    • resolveRecipientCredential

      @Nonnull private Credential resolveRecipientCredential(@Nonnull AgreementMethod agreementMethod, @Nonnull KeyInfoCredentialResolver resolver) throws SecurityException
      Resolve the recipient Credential from the RecipientKeyInfo element.

      This will be the private key credential from the decrypting party (this party).

      Parameters:
      agreementMethod - the AgreementMethod to process
      resolver - the KeyInfoCredentialResolver to use
      Returns:
      the recipient credential
      Throws:
      SecurityException - if the recipient credential can not be resolved or does not contain a private key