java.lang.Object
- org.opensaml.xmlsec.keyinfo.impl.BasicKeyInfoGeneratorFactory.BasicKeyInfoGenerator
- - org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory.X509KeyInfoGenerator

All Implemented Interfaces:

org.opensaml.xmlsec.keyinfo.KeyInfoGenerator

Enclosing class:

X509KeyInfoGeneratorFactory
```
public class X509KeyInfoGeneratorFactory.X509KeyInfoGenerator
extends BasicKeyInfoGeneratorFactory.BasicKeyInfoGenerator
```
An implementation of KeyInfoGenerator capable of handling the information contained within a X509Credential.

Field Summary

Fields
Modifier and Type	Field	Description
`private org.opensaml.core.xml.XMLObjectBuilder<org.opensaml.xmlsec.signature.KeyInfo>`	`keyInfoBuilder`	Builder for KeyInfo objects.
`private org.slf4j.Logger`	`log`	Class logger.
`private X509KeyInfoGeneratorFactory.X509Options`	`options`	The set of options to be used by the generator.
`private org.opensaml.core.xml.XMLObjectBuilder<org.opensaml.xmlsec.signature.X509Data>`	`x509DataBuilder`	Builder for X509Data objects.

Constructor Summary

Constructors
Modifier Constructor Description

protected X509KeyInfoGenerator(X509KeyInfoGeneratorFactory.X509Options newOptions)
Constructor.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`org.opensaml.xmlsec.signature.KeyInfo`	`generate(org.opensaml.security.credential.Credential credential)`
`protected String`	`getIssuerName(X509Certificate cert)`	Get issuer name from a certificate, using the currently configured X500DNHandler and issuer DN output format.
`protected String`	`getSubjectName(X509Certificate cert)`	Get subject name from a certificate, using the currently configured X500DNHandler and subject DN output format.
`protected void`	`processCertKeyNameOptions(org.opensaml.xmlsec.signature.KeyInfo keyInfo, X509Certificate cert)`	Process the options related to generation of KeyName elements based on certificate data.
`protected void`	`processCertX509DataOptions(org.opensaml.xmlsec.signature.X509Data x509Data, X509Certificate cert)`	Process the options related to generation of child elements of X509Data based on certificate data.
`protected void`	`processCertX509Digest(org.opensaml.xmlsec.signature.X509Data x509Data, X509Certificate cert)`	Process the options related to generation of the X509Digest child element of X509Data based on certificate data.
`protected void`	`processCertX509IssuerSerial(org.opensaml.xmlsec.signature.X509Data x509Data, X509Certificate cert)`	Process the options related to generation of the X509IssuerSerial child element of X509Data based on certificate data.
`protected void`	`processCertX509SKI(org.opensaml.xmlsec.signature.X509Data x509Data, X509Certificate cert)`	Process the options related to generation of the X509SKI child element of X509Data based on certificate data.
`protected void`	`processCertX509SubjectName(org.opensaml.xmlsec.signature.X509Data x509Data, X509Certificate cert)`	Process the options related to generation of the X509SubjectDN child element of X509Data based on certificate data.
`protected void`	`processCRLs(org.opensaml.xmlsec.signature.KeyInfo keyInfo, org.opensaml.xmlsec.signature.X509Data x509Data, org.opensaml.security.x509.X509Credential credential)`	Process the value of `X509Credential.getCRLs()`.
`protected void`	`processEntityCertificate(org.opensaml.xmlsec.signature.KeyInfo keyInfo, org.opensaml.xmlsec.signature.X509Data x509Data, org.opensaml.security.x509.X509Credential credential)`	Process the value of `X509Credential.getEntityCertificate()`.
`protected void`	`processEntityCertificateChain(org.opensaml.xmlsec.signature.KeyInfo keyInfo, org.opensaml.xmlsec.signature.X509Data x509Data, org.opensaml.security.x509.X509Credential credential)`	Process the value of `X509Credential.getEntityCertificateChain()`.
`protected void`	`processSubjectAltNameKeyNames(org.opensaml.xmlsec.signature.KeyInfo keyInfo, X509Certificate cert)`	Process the options related to generation of KeyName elements based on subject alternative name information within the certificate data.
`protected void`	`processSubjectCNKeyName(org.opensaml.xmlsec.signature.KeyInfo keyInfo, X509Certificate cert)`	Process the options related to generation of KeyName elements based on the the common name field(s) of the certificate's subject DN.
`protected void`	`processSubjectDNKeyName(org.opensaml.xmlsec.signature.KeyInfo keyInfo, X509Certificate cert)`	Process the options related to generation of KeyName elements based on the certificate's subject DN value.

Methods inherited from class org.opensaml.xmlsec.keyinfo.impl.BasicKeyInfoGeneratorFactory.BasicKeyInfoGenerator
processEntityID, processKeyNames, processPublicKey

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

log
```
private final org.slf4j.Logger log
```
Class logger.

options

private X509KeyInfoGeneratorFactory.X509Options options

The set of options to be used by the generator.

keyInfoBuilder

private final org.opensaml.core.xml.XMLObjectBuilder<org.opensaml.xmlsec.signature.KeyInfo> keyInfoBuilder

Builder for KeyInfo objects.

x509DataBuilder

private final org.opensaml.core.xml.XMLObjectBuilder<org.opensaml.xmlsec.signature.X509Data> x509DataBuilder

Builder for X509Data objects.

Constructor Detail
- X509KeyInfoGenerator
```
protected X509KeyInfoGenerator(X509KeyInfoGeneratorFactory.X509Options newOptions)
```
  Constructor.
  
  Parameters:
  
  newOptions - the options to be used by the generator

Method Detail

generate

@Nullable
public org.opensaml.xmlsec.signature.KeyInfo generate(@Nullable
                                                      org.opensaml.security.credential.Credential credential)
                                               throws org.opensaml.security.SecurityException

Specified by:: generate in interface org.opensaml.xmlsec.keyinfo.KeyInfoGenerator
Overrides:: generate in class BasicKeyInfoGeneratorFactory.BasicKeyInfoGenerator
Throws:: org.opensaml.security.SecurityException

processEntityCertificate

protected void processEntityCertificate(@Nonnull
                                        org.opensaml.xmlsec.signature.KeyInfo keyInfo,
                                        @Nonnull
                                        org.opensaml.xmlsec.signature.X509Data x509Data,
                                        @Nonnull
                                        org.opensaml.security.x509.X509Credential credential)
                                 throws org.opensaml.security.SecurityException

Process the value of X509Credential.getEntityCertificate().

Parameters:: keyInfo - the KeyInfo that is being built; x509Data - the X509Data that is being built; credential - the Credential that is being processed
Throws:: org.opensaml.security.SecurityException - thrown if the certificate data can not be encoded from the Java certificate object

processCertX509DataOptions

protected void processCertX509DataOptions(@Nonnull
                                          org.opensaml.xmlsec.signature.X509Data x509Data,
                                          @Nonnull
                                          X509Certificate cert)
                                   throws org.opensaml.security.SecurityException

Process the options related to generation of child elements of X509Data based on certificate data.

Parameters:: x509Data - the X509Data element being processed.; cert - the certificate being processed
Throws:: org.opensaml.security.SecurityException - if the certificate cannot be processed

processCertKeyNameOptions

protected void processCertKeyNameOptions(@Nonnull
                                         org.opensaml.xmlsec.signature.KeyInfo keyInfo,
                                         @Nonnull
                                         X509Certificate cert)

Process the options related to generation of KeyName elements based on certificate data.

Parameters:: keyInfo - the KeyInfo element being processed.; cert - the certificate being processed

processCertX509SubjectName

protected void processCertX509SubjectName(@Nonnull
                                          org.opensaml.xmlsec.signature.X509Data x509Data,
                                          @Nonnull
                                          X509Certificate cert)

Process the options related to generation of the X509SubjectDN child element of X509Data based on certificate data.

Parameters:: x509Data - the X509Data element being processed.; cert - the certificate being processed

processCertX509IssuerSerial

protected void processCertX509IssuerSerial(@Nonnull
                                           org.opensaml.xmlsec.signature.X509Data x509Data,
                                           @Nonnull
                                           X509Certificate cert)

Process the options related to generation of the X509IssuerSerial child element of X509Data based on certificate data.

Parameters:: x509Data - the X509Data element being processed.; cert - the certificate being processed

processCertX509SKI

protected void processCertX509SKI(@Nonnull
                                  org.opensaml.xmlsec.signature.X509Data x509Data,
                                  @Nonnull
                                  X509Certificate cert)
                           throws org.opensaml.security.SecurityException

Process the options related to generation of the X509SKI child element of X509Data based on certificate data.

Parameters:: x509Data - the X509Data element being processed.; cert - the certificate being processed
Throws:: org.opensaml.security.SecurityException - if there is an error in generating the subject key identifier

processCertX509Digest

protected void processCertX509Digest(@Nonnull
                                     org.opensaml.xmlsec.signature.X509Data x509Data,
                                     @Nonnull
                                     X509Certificate cert)
                              throws org.opensaml.security.SecurityException

Process the options related to generation of the X509Digest child element of X509Data based on certificate data.

Parameters:: x509Data - the X509Data element being processed.; cert - the certificate being processed
Throws:: org.opensaml.security.SecurityException - if certificate cannot be digested

getSubjectName
```
@Nullable
protected String getSubjectName(@Nullable
                                X509Certificate cert)
```
Get subject name from a certificate, using the currently configured X500DNHandler and subject DN output format.

Parameters:

cert - the certificate being processed

Returns:

the subject name

getIssuerName
```
protected String getIssuerName(@Nullable
                               X509Certificate cert)
```
Get issuer name from a certificate, using the currently configured X500DNHandler and issuer DN output format.

Parameters:

cert - the certificate being processed

Returns:

the issuer name

processSubjectDNKeyName

protected void processSubjectDNKeyName(@Nonnull
                                       org.opensaml.xmlsec.signature.KeyInfo keyInfo,
                                       @Nullable
                                       X509Certificate cert)

Process the options related to generation of KeyName elements based on the certificate's subject DN value.

Parameters:: keyInfo - the KeyInfo element being processed.; cert - the certificate being processed

processSubjectCNKeyName

protected void processSubjectCNKeyName(@Nonnull
                                       org.opensaml.xmlsec.signature.KeyInfo keyInfo,
                                       @Nullable
                                       X509Certificate cert)

Process the options related to generation of KeyName elements based on the the common name field(s) of the certificate's subject DN.

Parameters:: keyInfo - the KeyInfo element being processed.; cert - the certificate being processed

processSubjectAltNameKeyNames

protected void processSubjectAltNameKeyNames(@Nonnull
                                             org.opensaml.xmlsec.signature.KeyInfo keyInfo,
                                             @Nullable
                                             X509Certificate cert)

Process the options related to generation of KeyName elements based on subject alternative name information within the certificate data.

Parameters:: keyInfo - the KeyInfo element being processed.; cert - the certificate being processed

processEntityCertificateChain

protected void processEntityCertificateChain(@Nonnull
                                             org.opensaml.xmlsec.signature.KeyInfo keyInfo,
                                             @Nonnull
                                             org.opensaml.xmlsec.signature.X509Data x509Data,
                                             @Nonnull
                                             org.opensaml.security.x509.X509Credential credential)
                                      throws org.opensaml.security.SecurityException

Process the value of X509Credential.getEntityCertificateChain().

Parameters:: keyInfo - the KeyInfo that is being built; x509Data - the X509Data that is being built; credential - the Credential that is being processed
Throws:: org.opensaml.security.SecurityException - thrown if the certificate data can not be encoded from the Java certificate object

processCRLs

protected void processCRLs(@Nonnull
                           org.opensaml.xmlsec.signature.KeyInfo keyInfo,
                           @Nonnull
                           org.opensaml.xmlsec.signature.X509Data x509Data,
                           @Nonnull
                           org.opensaml.security.x509.X509Credential credential)
                    throws org.opensaml.security.SecurityException

Process the value of X509Credential.getCRLs().

Parameters:: keyInfo - the KeyInfo that is being built; x509Data - the X509Data that is being built; credential - the Credential that is being processed
Throws:: org.opensaml.security.SecurityException - thrown if the CRL data can not be encoded from the Java certificate object

Class X509KeyInfoGeneratorFactory.X509KeyInfoGenerator