org.opensaml.xml.security

クラス BasicSecurityConfiguration

java.lang.Object

org.opensaml.xml.security.BasicSecurityConfiguration

すべての実装されたインタフェース:

SecurityConfiguration

public class BasicSecurityConfiguration
extends Object
implements SecurityConfiguration

Basic in-memory implementation of SecurityConfiguration.

ネストされたクラスの概要

ネストされたクラス

修飾子とタイプ	クラスと説明
protected class	BasicSecurityConfiguration.DataEncryptionIndex Class used as an index to the data encryption algorithm URI map.
protected class	BasicSecurityConfiguration.KeyTransportEncryptionIndex Class used as an index to the key transport encryption algorithm URI map.

フィールドの概要

フィールド

修飾子とタイプ	フィールドと説明
static String	KEYINFO_RESOLVER_DEFAULT_CONFIG The name of the KeyInfoCredentialResolver default config.

コンストラクタの概要

コンストラクタ

コンストラクタと説明
BasicSecurityConfiguration() Constructor.

メソッドの概要

メソッド

修飾子とタイプ	メソッドと説明
void	deregisterDataEncryptionAlgorithmURI(String jcaAlgorithmName, Integer keyLength) Deregister a mapping for the specified JCA algorithm name.
void	deregisterKeyInfoCredentialResolver(String name) Deregister a named KeyInfoCredentialResolver configuration.
void	deregisterKeyTransportEncryptionAlgorithmURI(String jcaAlgorithmName, Integer keyLength, String wrappedKeyAlgorithm) Deregister a mapping for the specified JCA algorithm name.
void	deregisterSignatureAlgorithmURI(String jcaAlgorithmName) Deregister a mapping for the specified JCA algorithm name.
String	getAutoGeneratedDataEncryptionKeyAlgorithmURI() Get the encryption algorithm URI to be used when auto-generating random data encryption keys.
String	getDataEncryptionAlgorithmURI(Credential credential) Get the encryption algorithm URI for the encryption key contained within the specified credential.
String	getDataEncryptionAlgorithmURI(String jcaAlgorithmName, Integer keyLength) Get the encryption algorithm URI for the specified JCA key algorithm name and optional key length.
KeyInfoCredentialResolver	getDefaultKeyInfoCredentialResolver() Get the default KeyInfoCredentialResolver configuration.
DSAParams	getDSAParams(int keyLength) Get a DSA parameters instance which defines the default DSA key information to be used within a DSA "key family".
KeyInfoCredentialResolver	getKeyInfoCredentialResolver(String name) Get the KeyInfoCredentialResolver associated with the named configuration.
NamedKeyInfoGeneratorManager	getKeyInfoGeneratorManager() Get the manager for named KeyInfoGenerator instances.
String	getKeyTransportEncryptionAlgorithmURI(Credential credential, String wrappedKeyAlgorithm) Get the key transport encryption algorithm URI for the encryption key contained within the specified credential.
String	getKeyTransportEncryptionAlgorithmURI(String jcaAlgorithmName, Integer keyLength, String wrappedKeyAlgorithm) Get the key transport encryption algorithm URI for the specified JCA key algorithm name, optional key length and optional JCA key algorithm name of the key to be encrypted.
String	getSignatureAlgorithmURI(Credential credential) Get the signature algorithm URI for the signing key contained within the specified credential.
String	getSignatureAlgorithmURI(String jcaAlgorithmName) Get the signature algorithm URI for the specified JCA key algorithm name.
String	getSignatureCanonicalizationAlgorithm() Get a canonicalization algorithm URI suitable for use as a Signature CanonicalizationMethod value.
Integer	getSignatureHMACOutputLength() Get the value to be used as the Signature SignatureMethod HMACOutputLength value, used only when signing with an HMAC algorithm.
String	getSignatureReferenceDigestMethod() Get a digest method algorithm URI suitable for use as a Signature Reference DigestMethod value.
void	registerDataEncryptionAlgorithmURI(String jcaAlgorithmName, Integer keyLength, String algorithmURI) Register a mapping from the specified JCA algorithm name to an encryption algorithm URI.
void	registerKeyInfoCredentialResolver(String name, KeyInfoCredentialResolver resolver) Register a named KeyInfoCredentialResolver configuration.
void	registerKeyTransportEncryptionAlgorithmURI(String jcaAlgorithmName, Integer keyLength, String wrappedKeyAlgorithm, String algorithmURI) Register a mapping from the specified JCA algorithm name to an encryption algorithm URI.
void	registerSignatureAlgorithmURI(String jcaAlgorithmName, String algorithmURI) Register a mapping from the specified JCA algorithm name to a signature algorithm URI.
void	setAutoGeneratedDataEncryptionKeyAlgorithmURI(String algorithmURI) Set the encryption algorithm URI to be used when auto-generating random data encryption keys.
void	setDefaultKeyInfoCredentialResolver(KeyInfoCredentialResolver resolver) Set the default KeyInfoCredentialResolver config.
void	setDSAParams(int keyLength, DSAParams params) Set a DSA parameters instance which defines the default DSA key information to be used within a DSA "key family".
void	setKeyInfoGeneratorManager(NamedKeyInfoGeneratorManager keyInfoManager) Set the manager for named KeyInfoGenerator instances.
void	setSignatureCanonicalizationAlgorithm(String algorithmURI) Set a canonicalization algorithm URI suitable for use as a Signature CanonicalizationMethod value.
void	setSignatureHMACOutputLength(Integer length) Set the value to be used as the Signature SignatureMethod HMACOutputLength value, used only when signing with an HMAC algorithm.
void	setSignatureReferenceDigestMethod(String algorithmURI) Set a digest method algorithm URI suitable for use as a Signature Reference DigestMethod value.

クラスから継承されたメソッド java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

フィールドの詳細

KEYINFO_RESOLVER_DEFAULT_CONFIG

public static final String KEYINFO_RESOLVER_DEFAULT_CONFIG

The name of the KeyInfoCredentialResolver default config.

関連項目:

定数フィールド値

コンストラクタの詳細

BasicSecurityConfiguration

public BasicSecurityConfiguration()

Constructor.

メソッドの詳細

getSignatureAlgorithmURI

public String getSignatureAlgorithmURI(String jcaAlgorithmName)

Get the signature algorithm URI for the specified JCA key algorithm name.

定義:

getSignatureAlgorithmURI インタフェース内 SecurityConfiguration

パラメータ:

jcaAlgorithmName - a JCA key algorithm name

戻り値:

a signature algorithm URI mapping, or null if no mapping is available

getSignatureAlgorithmURI

public String getSignatureAlgorithmURI(Credential credential)

Get the signature algorithm URI for the signing key contained within the specified credential.

定義:

getSignatureAlgorithmURI インタフェース内 SecurityConfiguration

パラメータ:

credential - a credential containing a signing key

戻り値:

a signature algorithm URI mapping, or null if no mapping is available

registerSignatureAlgorithmURI

public void registerSignatureAlgorithmURI(String jcaAlgorithmName,
                                 String algorithmURI)

Register a mapping from the specified JCA algorithm name to a signature algorithm URI.

パラメータ:

jcaAlgorithmName - the JCA algorithm name to register

algorithmURI - the algorithm URI to register

deregisterSignatureAlgorithmURI

public void deregisterSignatureAlgorithmURI(String jcaAlgorithmName)

Deregister a mapping for the specified JCA algorithm name.

パラメータ:

jcaAlgorithmName - the JCA algorithm name to deregister

getSignatureCanonicalizationAlgorithm

public String getSignatureCanonicalizationAlgorithm()

Get a canonicalization algorithm URI suitable for use as a Signature CanonicalizationMethod value.

定義:

getSignatureCanonicalizationAlgorithm インタフェース内 SecurityConfiguration

戻り値:

a canonicalization algorithm URI

setSignatureCanonicalizationAlgorithm

public void setSignatureCanonicalizationAlgorithm(String algorithmURI)

Set a canonicalization algorithm URI suitable for use as a Signature CanonicalizationMethod value.

パラメータ:

algorithmURI - a canonicalization algorithm URI

getSignatureReferenceDigestMethod

public String getSignatureReferenceDigestMethod()

Get a digest method algorithm URI suitable for use as a Signature Reference DigestMethod value.

定義:

getSignatureReferenceDigestMethod インタフェース内 SecurityConfiguration

戻り値:

a digest method algorithm URI

setSignatureReferenceDigestMethod

public void setSignatureReferenceDigestMethod(String algorithmURI)

Set a digest method algorithm URI suitable for use as a Signature Reference DigestMethod value.

パラメータ:

algorithmURI - a digest method algorithm URI

getSignatureHMACOutputLength

public Integer getSignatureHMACOutputLength()

Get the value to be used as the Signature SignatureMethod HMACOutputLength value, used only when signing with an HMAC algorithm. This value is optional when using HMAC.

定義:

getSignatureHMACOutputLength インタフェース内 SecurityConfiguration

戻り値:

the configured HMAC output length value

setSignatureHMACOutputLength

public void setSignatureHMACOutputLength(Integer length)

Set the value to be used as the Signature SignatureMethod HMACOutputLength value, used only when signing with an HMAC algorithm. This value is optional when using HMAC.

パラメータ:

length - the HMAC output length value to use when performing HMAC signing (may be null)

getDataEncryptionAlgorithmURI

public String getDataEncryptionAlgorithmURI(String jcaAlgorithmName,
                                   Integer keyLength)

Get the encryption algorithm URI for the specified JCA key algorithm name and optional key length. Passing null as the key length will return the default algorithm URI for the specified JCA algorithm, if a default is configured. If no mapping for the specified key length is available, the default mapping will be returned.

定義:

getDataEncryptionAlgorithmURI インタフェース内 SecurityConfiguration

パラメータ:

jcaAlgorithmName - a JCA key algorithm name

keyLength - optional key length parameter

戻り値:

an encryption algorithm URI, or null if no mapping is available

getDataEncryptionAlgorithmURI

public String getDataEncryptionAlgorithmURI(Credential credential)

Get the encryption algorithm URI for the encryption key contained within the specified credential.

定義:

getDataEncryptionAlgorithmURI インタフェース内 SecurityConfiguration

パラメータ:

credential - a credential containing an encryption key

戻り値:

an encryption algorithm URI mapping, or null if no mapping is available

registerDataEncryptionAlgorithmURI

public void registerDataEncryptionAlgorithmURI(String jcaAlgorithmName,
                                      Integer keyLength,
                                      String algorithmURI)

Register a mapping from the specified JCA algorithm name to an encryption algorithm URI.

パラメータ:

jcaAlgorithmName - the JCA algorithm name to register

keyLength - the key length to register (may be null)

algorithmURI - the algorithm URI to register

deregisterDataEncryptionAlgorithmURI

public void deregisterDataEncryptionAlgorithmURI(String jcaAlgorithmName,
                                        Integer keyLength)

Deregister a mapping for the specified JCA algorithm name.

パラメータ:

jcaAlgorithmName - the JCA algorithm name to deregister

keyLength - the key length to deregister (may be null)

getKeyTransportEncryptionAlgorithmURI

public String getKeyTransportEncryptionAlgorithmURI(String jcaAlgorithmName,
                                           Integer keyLength,
                                           String wrappedKeyAlgorithm)

Get the key transport encryption algorithm URI for the specified JCA key algorithm name, optional key length and optional JCA key algorithm name of the key to be encrypted. Note that typically the key length parameter is required for lookup of symmetric key wrap algorithm URI's, but is typically not required or relevant for asymmetric key transport algorithms. If a mapping is not available considering the optional key length and wrapped algorithm parameters as passed, a lookup will next be attempted by omiting the (non-null) wrapped key algorithm, and if that is unsuccessful, by then omitting the (non-null) key length parameter. If a mapping has still not been found, then a final lookup attempt will be made using the key encryption key's JCA algorithm name alone.

定義:

getKeyTransportEncryptionAlgorithmURI インタフェース内 SecurityConfiguration

パラメータ:

jcaAlgorithmName - a JCA key algorithm name for the key encryption key

keyLength - optional key length parameter

wrappedKeyAlgorithm - a JCA key algorithm name for the key to be encrypted

戻り値:

an encryption algorithm URI, or null if no mapping is available

getKeyTransportEncryptionAlgorithmURI

public String getKeyTransportEncryptionAlgorithmURI(Credential credential,
                                           String wrappedKeyAlgorithm)

Get the key transport encryption algorithm URI for the encryption key contained within the specified credential.

定義:

getKeyTransportEncryptionAlgorithmURI インタフェース内 SecurityConfiguration

パラメータ:

credential - a credential containing an encryption key

wrappedKeyAlgorithm - the JCA key algorithm name of the key being encrypted

戻り値:

an encryption algorithm URI mapping, or null if no mapping is available

registerKeyTransportEncryptionAlgorithmURI

public void registerKeyTransportEncryptionAlgorithmURI(String jcaAlgorithmName,
                                              Integer keyLength,
                                              String wrappedKeyAlgorithm,
                                              String algorithmURI)

Register a mapping from the specified JCA algorithm name to an encryption algorithm URI.

パラメータ:

jcaAlgorithmName - the JCA algorithm name to register

keyLength - the key length to register (may be null)

wrappedKeyAlgorithm - the JCA algorithm name of the key to be encrypted (may be null)

algorithmURI - the algorithm URI to register

deregisterKeyTransportEncryptionAlgorithmURI

public void deregisterKeyTransportEncryptionAlgorithmURI(String jcaAlgorithmName,
                                                Integer keyLength,
                                                String wrappedKeyAlgorithm)

Deregister a mapping for the specified JCA algorithm name.

パラメータ:

jcaAlgorithmName - the JCA algorithm name to deregister

keyLength - the key length to deregister (may be null)

wrappedKeyAlgorithm - the JCA algorithm name of the key to be encrypted (may be null)

getAutoGeneratedDataEncryptionKeyAlgorithmURI

public String getAutoGeneratedDataEncryptionKeyAlgorithmURI()

Get the encryption algorithm URI to be used when auto-generating random data encryption keys.

定義:

getAutoGeneratedDataEncryptionKeyAlgorithmURI インタフェース内 SecurityConfiguration

戻り値:

an encryption algorithm URI, or null if no default is available

setAutoGeneratedDataEncryptionKeyAlgorithmURI

public void setAutoGeneratedDataEncryptionKeyAlgorithmURI(String algorithmURI)

Set the encryption algorithm URI to be used when auto-generating random data encryption keys.

パラメータ:

algorithmURI - the encryption algorithm URI to use

getKeyInfoGeneratorManager

public NamedKeyInfoGeneratorManager getKeyInfoGeneratorManager()

Get the manager for named KeyInfoGenerator instances.

定義:

getKeyInfoGeneratorManager インタフェース内 SecurityConfiguration

戻り値:

the KeyInfoGenerator manager, or null if none is configured

setKeyInfoGeneratorManager

public void setKeyInfoGeneratorManager(NamedKeyInfoGeneratorManager keyInfoManager)

Set the manager for named KeyInfoGenerator instances.

パラメータ:

keyInfoManager - the KeyInfoGenerator manager to use

getDefaultKeyInfoCredentialResolver

public KeyInfoCredentialResolver getDefaultKeyInfoCredentialResolver()

Get the default KeyInfoCredentialResolver configuration.

定義:

getDefaultKeyInfoCredentialResolver インタフェース内 SecurityConfiguration

戻り値:

the default KeyInfoCredentialResolver

setDefaultKeyInfoCredentialResolver

public void setDefaultKeyInfoCredentialResolver(KeyInfoCredentialResolver resolver)

Set the default KeyInfoCredentialResolver config.

パラメータ:

resolver - the default KeyInfoCredentialResolver

getKeyInfoCredentialResolver

public KeyInfoCredentialResolver getKeyInfoCredentialResolver(String name)

Get the KeyInfoCredentialResolver associated with the named configuration.

定義:

getKeyInfoCredentialResolver インタフェース内 SecurityConfiguration

パラメータ:

name - the name of the resolver configuration to return

戻り値:

a KeyInfoCredentialResolver instance

registerKeyInfoCredentialResolver

public void registerKeyInfoCredentialResolver(String name,
                                     KeyInfoCredentialResolver resolver)

Register a named KeyInfoCredentialResolver configuration.

パラメータ:

name - the name of the configuration

resolver - the KeyInfoCredentialResolver to register

deregisterKeyInfoCredentialResolver

public void deregisterKeyInfoCredentialResolver(String name)

Deregister a named KeyInfoCredentialResolver configuration.

パラメータ:

name - the name of the configuration

getDSAParams

public DSAParams getDSAParams(int keyLength)

Get a DSA parameters instance which defines the default DSA key information to be used within a DSA "key family".

定義:

getDSAParams インタフェース内 SecurityConfiguration

パラメータ:

keyLength - length of the DSA key whose parameters are desired

戻り値:

the default DSA parameters instance, or null if no default is available

setDSAParams

public void setDSAParams(int keyLength,
                DSAParams params)

Set a DSA parameters instance which defines the default DSA key information to be used within a DSA "key family".

パラメータ:

keyLength - the key length of the DSA parameters

params - the default DSA parameters instance