| Modifier and Type | Method and Description |
|---|---|
| `Crypto` | `SecurityActionToken.getCrypto()` |
| `Crypto` | `SignatureEncryptionActionToken.getCrypto()` |

| Modifier and Type | Method and Description |
|---|---|
| `void` | `AlgorithmSuiteValidator.checkAsymmetricKeyLength(PublicKey publicKey)`<br>Check the asymmetric key length |
| `void` | `AlgorithmSuiteValidator.checkAsymmetricKeyLength(X509Certificate x509Certificate)`<br>Check the asymmetric key length |
| `void` | `AlgorithmSuiteValidator.checkAsymmetricKeyLength(X509Certificate[] x509Certificates)`<br>Check the asymmetric key length |
| `void` | `AlgorithmSuiteValidator.checkC14nAlgorithm(String c14nAlgorithm)`<br>Check the C14n Algorithm |
| `void` | `AlgorithmSuiteValidator.checkDerivedKeyAlgorithm(String algorithm)`<br>Check Derived Key algorithm |
| `void` | `AlgorithmSuiteValidator.checkEncryptionDerivedKeyLength(int derivedKeyLength)`<br>Check Encryption Derived Key length (in bytes) |
| `void` | `AlgorithmSuiteValidator.checkEncryptionKeyWrapAlgorithm(String keyWrapAlgorithm)` |
| `void` | `AlgorithmSuiteValidator.checkSignatureAlgorithms(XMLSignature xmlSignature)`<br>Check the Signature Algorithms |
| `void` | `AlgorithmSuiteValidator.checkSignatureDerivedKeyLength(int derivedKeyLength)`<br>Check Signature Derived Key length (in bytes) |
| `void` | `AlgorithmSuiteValidator.checkSignatureMethod(String signatureMethod)`<br>Check the Signature Method |
| `void` | `AlgorithmSuiteValidator.checkSymmetricEncryptionAlgorithm(String symmetricAlgorithm)` |
| `void` | `AlgorithmSuiteValidator.checkSymmetricKeyLength(int secretKeyLength)`<br>Check the symmetric key length |
| `void` | `DERDecoder.expect(byte val)`<br>Confirm that the byte at the current position matches the given value. |
| `void` | `DERDecoder.expect(int val)`<br>Confirm that the byte at the current position matches the given value. |
| `byte[]` | `DERDecoder.getBytes(int length)`<br>Return an array of bytes from the current position. |
| `byte[]` | `CryptoBase.getBytesFromCertificates(X509Certificate[] certs)`<br>Get a byte array given an array of X509 certificates. |
| `byte[]` | `Crypto.getBytesFromCertificates(X509Certificate[] certs)`<br>Get a byte array given an array of X509 certificates. |
| `CertificateFactory` | `Merlin.getCertificateFactory()`<br>Singleton certificate factory for this Crypto instance. |
| `CertificateFactory` | `CryptoBase.getCertificateFactory()`<br>Get the CertificateFactory instance on this Crypto instance |
| `CertificateFactory` | `Crypto.getCertificateFactory()`<br>Get the CertificateFactory instance on this Crypto instance |
| `X509Certificate[]` | `CryptoBase.getCertificatesFromBytes(byte[] data)`<br>Construct an array of X509Certificate objects from the byte array. |
| `X509Certificate[]` | `Crypto.getCertificatesFromBytes(byte[] data)`<br>Construct an array of X509Certificate objects from the byte array. |
| `String` | `Merlin.getDefaultX509Identifier()`<br>Retrieves the identifier name of the default certificate. |
| `String` | `CryptoBase.getDefaultX509Identifier()`<br>Retrieves the identifier name of the default certificate. |
| `String` | `Crypto.getDefaultX509Identifier()`<br>Retrieves the identifier name of the default certificate. |
| `static Crypto` | `CryptoFactory.getInstance()`<br>Returns an instance of Crypto. |
| `static Crypto` | `CryptoFactory.getInstance(Class<? extends Crypto> cryptoClass, Map<Object,Object> map)`<br>Returns an instance of Crypto. |
| `static Crypto` | `CryptoFactory.getInstance(Properties properties)`<br>Returns an instance of Crypto. |
| `static Crypto` | `CryptoFactory.getInstance(Properties properties, ClassLoader classLoader, PasswordEncryptor passwordEncryptor)`<br>Returns an instance of Crypto loaded with the given classloader. |
| `static Crypto` | `CryptoFactory.getInstance(String propFilename)`<br>Returns an instance of Crypto. |
| `static Crypto` | `CryptoFactory.getInstance(String propFilename, ClassLoader customClassLoader)` |
| `int` | `DERDecoder.getLength()`<br>Get the DER length at the current position. |
| `PrivateKey` | `Merlin.getPrivateKey(String identifier, String password)`<br>Gets the private key corresponding to the identifier. |
| `PrivateKey` | `CertificateStore.getPrivateKey(String identifier, String password)`<br>Gets the private key corresponding to the identifier. |
| `PrivateKey` | `Crypto.getPrivateKey(String identifier, String password)`<br>Gets the private key corresponding to the identifier. |
| `PrivateKey` | `Merlin.getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler)`<br>Gets the private key corresponding to the certificate. |
| `PrivateKey` | `CertificateStore.getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler)`<br>Gets the private key corresponding to the certificate. |
| `PrivateKey` | `Crypto.getPrivateKey(X509Certificate certificate, CallbackHandler callbackHandler)`<br>Gets the private key corresponding to the certificate. |
| `static Properties` | `CryptoFactory.getProperties(String propFilename, ClassLoader loader)`<br>This allows loading the resources with a custom class loader |
| `byte[]` | `CryptoBase.getSKIBytesFromCert(X509Certificate cert)`<br>Reads the SubjectKeyIdentifier information from the certificate. |
| `byte[]` | `Crypto.getSKIBytesFromCert(X509Certificate cert)`<br>Reads the SubjectKeyIdentifier information from the certificate. |
| `byte[]` | `X509SubjectPublicKeyInfo.getSubjectPublicKey()`<br>Get the subjectPublicKey element of the SubjectPublicKeyInfo. |
| `X509Certificate[]` | `Merlin.getX509Certificates(CryptoType cryptoType)`<br>Get an X509Certificate (chain) corresponding to the CryptoType argument. |
| `X509Certificate[]` | `CertificateStore.getX509Certificates(CryptoType cryptoType)`<br>Get an X509Certificate (chain) corresponding to the CryptoType argument. |
| `X509Certificate[]` | `Crypto.getX509Certificates(CryptoType cryptoType)`<br>Get an X509Certificate (chain) corresponding to the CryptoType argument. |
| `String` | `Merlin.getX509Identifier(X509Certificate cert)`<br>Get the implementation-specific identifier corresponding to the cert parameter. |
| `String` | `CertificateStore.getX509Identifier(X509Certificate cert)`<br>Get the implementation-specific identifier corresponding to the cert parameter. |
| `String` | `Crypto.getX509Identifier(X509Certificate cert)`<br>Get the implementation-specific identifier corresponding to the cert parameter, e.g. |
| `KeyStore` | `Merlin.load(InputStream input, String storepass, String provider, String type)`<br>Loads the keystore from an InputStream. |
| `X509Certificate` | `CryptoBase.loadCertificate(InputStream in)`<br>Load an X509Certificate from the input stream. |
| `X509Certificate` | `Crypto.loadCertificate(InputStream in)`<br>Load an X509Certificate from the input stream. |
| `static InputStream` | `Merlin.loadInputStream(ClassLoader loader, String location)`<br>Load a KeyStore object as an InputStream, using the ClassLoader and location arguments |
| `void` | `Merlin.loadProperties(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)` |
| `void` | `MerlinDevice.loadProperties(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)` |
| `void` | `DERDecoder.skip(int length)`<br>Advance the current position by the given number of bytes. |
| `boolean` | `DERDecoder.test(byte val)`<br>Test if the byte at the current position matches the given value. |
| `void` | `CryptoBase.verifyDirectTrust(X509Certificate[] certs)` |
| `void` | `Crypto.verifyDirectTrust(X509Certificate[] certs)`<br>Evaluate whether a given public key should be trusted directly (located |
| `void` | `Merlin.verifyTrust(PublicKey publicKey)`<br>Evaluate whether a given public key should be trusted. |
| `void` | `CertificateStore.verifyTrust(PublicKey publicKey)`<br>Evaluate whether a given public key should be trusted. |
| `void` | `Crypto.verifyTrust(PublicKey publicKey)`<br>Evaluate whether a given public key should be trusted. |
| `void` | `Merlin.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints)`<br>Evaluate whether a given certificate chain should be trusted. |
| `void` | `CertificateStore.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints)`<br>Evaluate whether a given certificate chain should be trusted. |
| `void` | `MerlinAKI.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints)`<br>Evaluate whether a given certificate chain should be trusted. |
| `void` | `Crypto.verifyTrust(X509Certificate[] certs, boolean enableRevocation, Collection<Pattern> subjectCertConstraints)`<br>Evaluate whether a given certificate chain should be trusted. |

| Constructor and Description |
|---|
| `DERDecoder(byte[] derEncoded)`<br>Construct a DERDecoder for the given byte array. |
| `Merlin(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)` |
| `MerlinAKI(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)` |
| `MerlinDevice(Properties properties, ClassLoader loader, PasswordEncryptor passwordEncryptor)` |
| `X509SubjectPublicKeyInfo(byte[] x509EncodedPublicKey)`<br>Construct a SubjectPublicKeyInfo for the given X.509-encoded public key. |
| `X509SubjectPublicKeyInfo(PublicKey key)`<br>Construct a SubjectPublicKeyInfo for the given public key. |

| Modifier and Type | Method and Description |
|---|---|
| `byte[]` | `P_SHA1.createKey(byte[] secret, byte[] seed, int offset, long length)` |
| `byte[]` | `DerivationAlgorithm.createKey(byte[] secret, byte[] seed, int offset, long length)` |
| `static byte[]` | `DerivedKeyUtils.deriveKey(String algorithm, String label, int length, byte[] secret, byte[] nonce, int offset)`<br>Derive a key from this DerivedKeyToken instance |
| `static DerivationAlgorithm` | `AlgoFactory.getInstance(String algorithm)`<br>This gives a DerivationAlgorithm instance from the default set of algorithms provided |

| Modifier and Type | Method and Description |
|---|---|
| `KerberosServiceContext` | `KerberosServiceExceptionAction.run()` |
| `KerberosContext` | `KerberosClientExceptionAction.run()` |

| Modifier and Type | Method and Description |
|---|---|
| `String` | `SamlAssertionWrapper.assertionToString()`<br>Method assertionToString ... |
| `void` | `SamlAssertionWrapper.checkAudienceRestrictions(List<String> audienceRestrictions)`<br>Check the AudienceRestrictions of the Assertion |
| `void` | `SamlAssertionWrapper.checkAuthnStatements(int futureTTL)`<br>Check the various attributes of the AuthnStatements of the assertion (if any) |
| `void` | `SamlAssertionWrapper.checkConditions(int futureTTL)`<br>Check the Conditions of the Assertion. |
| `void` | `SamlAssertionWrapper.checkIssueInstant(int futureTTL, int ttl)`<br>Check the IssueInstant value of the Assertion. |
| `static org.opensaml.xml.XMLObject` | `OpenSAMLUtil.fromDom(Element root)`<br>Convert a SAML Assertion from a DOM Element to an XMLObject |
| `static SAMLKeyInfo` | `SAMLUtil.getCredentialFromKeyInfo(Element keyInfoElement, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto)`<br>This method returns a SAMLKeyInfo corresponding to the credential found in the KeyInfo (DOM Element) argument. |
| `static SAMLKeyInfo` | `SAMLUtil.getCredentialFromSubject(org.opensaml.saml1.core.Assertion assertion, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto, CallbackHandler callbackHandler)`<br>Get the SAMLKeyInfo object corresponding to the credential stored in the Subject of a SAML 1.1 assertion |
| `static SAMLKeyInfo` | `SAMLUtil.getCredentialFromSubject(org.opensaml.saml2.core.Assertion assertion, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto, CallbackHandler callbackHandler)`<br>Get the SAMLKeyInfo object corresponding to the credential stored in the Subject of a SAML 2 assertion |
| `static SAMLKeyInfo` | `SAMLUtil.getCredentialFromSubject(SamlAssertionWrapper samlAssertion, SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto, CallbackHandler callbackHandler)`<br>Parse a SAML Assertion to obtain a SAMLKeyInfo object from the Subject of the assertion |
| `org.opensaml.xml.signature.Signature` | `SamlAssertionWrapper.getSignature()` |
| `byte[]` | `SamlAssertionWrapper.getSignatureValue()`<br>Get the SignatureValue bytes of the signed SAML Assertion |
| `void` | `SamlAssertionWrapper.parseSubject(SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto, CallbackHandler callbackHandler)`<br>This method parses the KeyInfo of the Subject. |
| `SAMLKeyInfo` | `SAMLKeyInfoProcessor.processSAMLKeyInfo(Element keyInfoElement)` |
| `void` | `SamlAssertionWrapper.signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue)`<br>Create an enveloped signature on the assertion that has been created. |
| `void` | `SamlAssertionWrapper.signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue, String canonicalizationAlgorithm, String signatureAlgorithm)`<br>Create an enveloped signature on the assertion that has been created. |
| `void` | `SamlAssertionWrapper.signAssertion(String issuerKeyName, String issuerKeyPassword, Crypto issuerCrypto, boolean sendKeyValue, String canonicalizationAlgorithm, String signatureAlgorithm, String signatureDigestAlgorithm)`<br>Create an enveloped signature on the assertion that has been created. |
| `Element` | `SamlAssertionWrapper.toDOM(Document doc)`<br>Create a DOM from the current XMLObject content. |
| `static Element` | `OpenSAMLUtil.toDom(org.opensaml.xml.XMLObject xmlObject, Document doc)`<br>Convert a SAML Assertion from an XMLObject to a DOM Element |
| `static Element` | `OpenSAMLUtil.toDom(org.opensaml.xml.XMLObject xmlObject, Document doc, boolean signObject)`<br>Convert a SAML Assertion from an XMLObject to a DOM Element |
| `void` | `SamlAssertionWrapper.validateAssertion(boolean validateSignatureAgainstProfile)`<br>Validate the samlAssertion against schemas/profiles |
| `void` | `SamlAssertionWrapper.validateSignatureAgainstProfile()`<br>Validate the signature of the Assertion against the Profile. |
| `void` | `SamlAssertionWrapper.verifySignature(SAMLKeyInfo samlKeyInfo)`<br>Verify the signature of this assertion |
| `void` | `SamlAssertionWrapper.verifySignature(SAMLKeyInfoProcessor keyInfoProcessor, Crypto sigCrypto)`<br>Verify the signature of this assertion |

| Constructor and Description |
|---|
| `SamlAssertionWrapper(Element element)`<br>Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance. |
| `SamlAssertionWrapper(SAMLCallback samlCallback)`<br>Constructor SamlAssertionWrapper creates a new SamlAssertionWrapper instance. |

| Modifier and Type | Method and Description |
|---|---|
| `static org.opensaml.saml2.core.Advice` | `SAML2ComponentBuilder.createAdvice(AdviceBean adviceBean)`<br>Create an Advice object |
| `static org.opensaml.saml1.core.Advice` | `SAML1ComponentBuilder.createAdvice(AdviceBean adviceBean)`<br>Create an Advice object |
| `static org.opensaml.xml.signature.KeyInfo` | `SAML1ComponentBuilder.createKeyInfo(KeyInfoBean keyInfo)`<br>Create an OpenSAML KeyInfo object from the parameters |
| `static org.opensaml.saml1.core.Subject` | `SAML1ComponentBuilder.createSaml1v1Subject(SubjectBean subjectBean)`<br>Create a SAML Subject from a SubjectBean instance |
| `static org.opensaml.saml2.core.Subject` | `SAML2ComponentBuilder.createSaml2Subject(SubjectBean subjectBean)`<br>Create a Subject. |
| `static List<org.opensaml.saml1.core.AttributeStatement>` | `SAML1ComponentBuilder.createSamlv1AttributeStatement(List<AttributeStatementBean> attributeData)`<br>Create SAML 1.1 attribute statement(s) |
| `static List<org.opensaml.saml1.core.AuthenticationStatement>` | `SAML1ComponentBuilder.createSamlv1AuthenticationStatement(List<AuthenticationStatementBean> authBeans)`<br>Create SAML 1.1 authentication statement(s) |
| `static List<org.opensaml.saml1.core.AuthorizationDecisionStatement>` | `SAML1ComponentBuilder.createSamlv1AuthorizationDecisionStatement(List<AuthDecisionStatementBean> decisionData)`<br>Create SAML 1.1 Authorization Decision Statement(s) |
| `static org.opensaml.saml2.core.SubjectConfirmationData` | `SAML2ComponentBuilder.createSubjectConfirmationData(SubjectConfirmationDataBean subjectConfirmationDataBean, KeyInfoBean keyInfoBean)`<br>Create a SubjectConfirmationData object |

| Modifier and Type | Method and Description |
|---|---|
| `void` | `SpnegoTokenContext.retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName)`<br>Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken. |
| `void` | `SpnegoTokenContext.retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm)`<br>Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken. |
| `void` | `SpnegoTokenContext.retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegationCredential)`<br>Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken. |
| `byte[]` | `SpnegoTokenContext.unwrapKey(byte[] secret)`<br>Unwrap a key |
| `void` | `SpnegoTokenContext.validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, byte[] ticket)`<br>Validate a service ticket. |
| `void` | `SpnegoTokenContext.validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, byte[] ticket)`<br>Validate a service ticket. |
| `byte[]` | `SpnegoTokenContext.wrapKey(byte[] secret)`<br>Wrap a key |

| Modifier and Type | Method and Description |
|---|---|
| `static byte[]` | `UsernameTokenUtil.generateDerivedKey(byte[] password, byte[] salt, int iteration)`<br>This static method generates a derived key as defined in WSS Username Token Profile. |
| `static byte[]` | `UsernameTokenUtil.generateDerivedKey(String password, byte[] salt, int iteration)`<br>This static method generates a derived key as defined in WSS Username Token Profile. |
| `static int` | `KeyUtils.getKeyLength(String algorithm)`<br>Returns the length of the key in number of bytes |
| `static void` | `AttachmentUtils.readAndReplaceEncryptedAttachmentHeaders(Map<String,String> headers, InputStream attachmentInputStream)` |
| `static InputStream` | `AttachmentUtils.setupAttachmentDecryptionStream(String encAlgo, Cipher cipher, Key key, InputStream inputStream)` |
| `static InputStream` | `AttachmentUtils.setupAttachmentEncryptionStream(Cipher cipher, boolean complete, Attachment attachment, Map<String,String> headers)` |

Copyright © 2004–2016 The Apache Software Foundation. All rights reserved.