Index (OpenSAML 5.x Security Extensions

A B C D E G I M O P S
All Classes and Interfaces|All Packages

A

AbstractSecurityConfiguration - Class in se.swedenconnect.opensaml.xmlsec.config: Abstract base class for SecurityConfiguration.
AbstractSecurityConfiguration() - Constructor for class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Constructor.

B

buildBasicEncryptedKeyResolver() - Static method in class se.swedenconnect.opensaml.xmlsec.config.ExtendedDefaultSecurityConfigurationBootstrap: Build a basic instance of EncryptedKeyResolver.
buildDefaultSignatureSigningConfiguration() - Static method in class se.swedenconnect.opensaml.xmlsec.config.ExtendedDefaultSecurityConfigurationBootstrap: Extends DefaultSecurityConfigurationBootstrap.buildDefaultSignatureSigningConfiguration() with http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1, http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1 and http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1.
buildDefaultSignatureSigningConfiguration(SignatureSigningConfiguration) - Static method in class se.swedenconnect.opensaml.xmlsec.config.ExtendedDefaultSecurityConfigurationBootstrap: Given a SignatureSigningConfiguration the method ensures that the signature algorithms http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1, http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1 and http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1 are among the signature algorithms and returns a BasicSignatureSigningConfiguration object.

C

createDecryptionParameters(Credential...) - Static method in class se.swedenconnect.opensaml.xmlsec.encryption.support.DecryptionUtils: Utility method that sets up DecryptionParameters for a Decrypter instance.
createDefaultDecryptionConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Creates the default decryption configuration for this instance.
createDefaultEncryptionConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Creates the default encryption configuration for this instance.
createDefaultEncryptionConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.SAML2IntSecurityConfiguration: Builds an EncryptionConfiguration that is according to SAML2Int.
createDefaultParserPool() - Static method in class se.swedenconnect.opensaml.OpenSAMLInitializer: Creates a basic parser pool with default settings.
createDefaultSignatureSigningConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Creates the default signature configuration for this instance.
createDefaultSignatureSigningConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.DefaultSecurityConfiguration: Returns the default signing configuration with RSA-PSS extensions.
createDefaultSignatureSigningConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.SAML2IntSecurityConfiguration: Black-lists SHA-1 from use and adds RSA-PSS algos.
createDefaultSignatureValidationConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Creates the default signature validation configuration for this instance.
createKeyInfoCredentialResolver(Credential...) - Static method in class se.swedenconnect.opensaml.xmlsec.encryption.support.DecryptionUtils: Builds a KeyInfo credential resolver to be used during decryption of a SAML object.

D

decrypt(E, Class<T>) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectDecrypter: Decrypts the supplied encrypted object into an object of the given type.
decrypt(EncryptedData, Class<T>) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectDecrypter: Decrypts the supplied encrypted object into an object of the given type.
DecryptionUtils - Class in se.swedenconnect.opensaml.xmlsec.encryption.support: Utility class with helper methods for decryption.
DecryptionUtils() - Constructor for class se.swedenconnect.opensaml.xmlsec.encryption.support.DecryptionUtils
decryptKey(EncryptedKey, String) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.Pkcs11Decrypter: Extends Decrypter.decryptKey(EncryptedKey, String) so that we may get hold of the corresponding RSA certificate.
decryptKey(EncryptedKey, String, Key) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.Pkcs11Decrypter: Extends Decrypter.decryptKey(EncryptedKey, String, Key) with an implementation for missing OAEP padding in the SunPKCS11 provider.
decryptKey(EncryptedKey, String, Key, int) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.Pkcs11Decrypter: Decrypts the key (work-around for OAEP padding).
DefaultSecurityConfiguration - Class in se.swedenconnect.opensaml.xmlsec.config: A security configuration for OpenSAML default settings.
DefaultSecurityConfiguration() - Constructor for class se.swedenconnect.opensaml.xmlsec.config.DefaultSecurityConfiguration

E

encrypt(XMLObject, SAMLObjectEncrypter.Peer) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectEncrypter: Maps to SAMLObjectEncrypter.encrypt(XMLObject, Peer, EncryptionConfiguration) where the default encryption configuration is supplied.
encrypt(XMLObject, SAMLObjectEncrypter.Peer, EncryptionConfiguration) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectEncrypter: Encrypts the supplied XML object by locating the peer encryption credentials and using the supplied configuration.
ExtendedAlgorithmSupport - Class in se.swedenconnect.opensaml.xmlsec.algorithm: OpenSAML's AlgorithmSupport class does not offer utility methods needed for RSA-PSS.
ExtendedDefaultSecurityConfigurationBootstrap - Class in se.swedenconnect.opensaml.xmlsec.config: Extends OpenSAML's DefaultSecurityConfigurationBootstrap with support for the RSA-PSS signature algorithms.
ExtendedDefaultSecurityConfigurationBootstrap() - Constructor for class se.swedenconnect.opensaml.xmlsec.config.ExtendedDefaultSecurityConfigurationBootstrap: Constructor.
ExtendedSignerProvider - Class in se.swedenconnect.opensaml.xmlsec.signature.support.provider: The Sun PKCS#11 crypto provider does not have support for PSS padding which makes HSM RSA-PSS signing impossible using the standard OpenSAML signer provider (ApacheSantuarioSignerProviderImpl).
ExtendedSignerProvider() - Constructor for class se.swedenconnect.opensaml.xmlsec.signature.support.provider.ExtendedSignerProvider: Default constructor.
ExtendedSignerProviderInitializer - Class in se.swedenconnect.opensaml.xmlsec.signature.support.provider: OpenSAML uses the Java service loader to load the SignerProvider that should be used.
ExtendedSignerProviderInitializer() - Constructor for class se.swedenconnect.opensaml.xmlsec.signature.support.provider.ExtendedSignerProviderInitializer

G

getDecryptionConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Returns the decryption configuration that has been configured.
getDecryptionConfiguration() - Method in interface se.swedenconnect.opensaml.xmlsec.config.SecurityConfiguration: Returns the decryption configuration that has been configured.
getDefaultDecryptionConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Returns the default decryption configuration for this instance.
getDefaultEncryptionConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Returns the default encryption configuration for this instance.
getDefaultSignatureSigningConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Returns the default signature configuration for this instance.
getDefaultSignatureValidationConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Returns the default signature validation configuration for this instance.
getEncryptionConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Returns the encryption configuration that has been configured.
getEncryptionConfiguration() - Method in interface se.swedenconnect.opensaml.xmlsec.config.SecurityConfiguration: Returns the encryption configuration that has been configured.
getEntityID() - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectEncrypter.Peer: Gets the peer entityID.
getInstance() - Static method in class se.swedenconnect.opensaml.OpenSAMLInitializer: Returns the initializer instance.
getMask(byte[], int) - Method in interface se.swedenconnect.opensaml.xmlsec.signature.support.provider.padding.MGF: Generates mask data.
getMask(byte[], int) - Method in class se.swedenconnect.opensaml.xmlsec.signature.support.provider.padding.MGF1: Generates mask data.
getMetadata() - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectEncrypter.Peer: Gets the peer metadata.
getName() - Method in interface se.swedenconnect.opensaml.OpenSAMLInitializerConfig: The name of this configurer.
getName() - Method in class se.swedenconnect.opensaml.OpenSAMLSecurityDefaultsConfig: The name of this configurer.
getName() - Method in class se.swedenconnect.opensaml.OpenSAMLSecurityExtensionConfig: The name of this configurer.
getPadding(byte[]) - Method in class se.swedenconnect.opensaml.xmlsec.signature.support.provider.padding.SCPSSPadding: Calculates the padding for a message hash.
getPaddingFromMessage(byte[]) - Method in class se.swedenconnect.opensaml.xmlsec.signature.support.provider.padding.SCPSSPadding: Generates RSA-PSS encoded message (EM) for a given message.
getProfileName() - Method in class se.swedenconnect.opensaml.xmlsec.config.DefaultSecurityConfiguration: Gets the profile name of this configuration setup.
getProfileName() - Method in class se.swedenconnect.opensaml.xmlsec.config.SAML2IntSecurityConfiguration: Gets the profile name of this configuration setup.
getProfileName() - Method in interface se.swedenconnect.opensaml.xmlsec.config.SecurityConfiguration: Gets the profile name of this configuration setup.
getSignaturePreferences(EntityDescriptor) - Static method in class se.swedenconnect.opensaml.xmlsec.signature.support.SAMLObjectSigner: A recipient of a signed message may specify the signature algorithm it prefers by including the <alg:SigningMethod> element in its metadata.
getSignatureSigningConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Returns the signing configuration that has been configued.
getSignatureSigningConfiguration() - Method in interface se.swedenconnect.opensaml.xmlsec.config.SecurityConfiguration: Returns the signing configuration that has been configued.
getSignatureValidationConfiguration() - Method in class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Returns the signature validation configuration that has been configured.
getSignatureValidationConfiguration() - Method in interface se.swedenconnect.opensaml.xmlsec.config.SecurityConfiguration: Returns the signature validation configuration that has been configured.

I

init() - Method in class se.swedenconnect.opensaml.xmlsec.signature.support.provider.ExtendedSignerProviderInitializer: The Signer class has a static signer provider cached.
initialize(OpenSAMLInitializerConfig...) - Method in class se.swedenconnect.opensaml.OpenSAMLInitializer: Initializes the OpenSAML library.
initOpenSAML() - Method in class se.swedenconnect.opensaml.xmlsec.config.AbstractSecurityConfiguration: Initializes OpenSAML with the defaults that has been installed for this instance.
initOpenSAML() - Method in interface se.swedenconnect.opensaml.xmlsec.config.SecurityConfiguration: Initializes OpenSAML with the defaults that has been installed for this instance.
isInitialized() - Method in class se.swedenconnect.opensaml.OpenSAMLInitializer: Predicate that tells if the OpenSAML library already has been initialized.
isRSAPSS(String) - Static method in class se.swedenconnect.opensaml.xmlsec.algorithm.ExtendedAlgorithmSupport: Predicate that tells whether the supplied algorithm is a RSA-PSS algorithm.

M

MGF - Interface in se.swedenconnect.opensaml.xmlsec.signature.support.provider.padding: Interface for Mask Generation Function.
MGF1 - Class in se.swedenconnect.opensaml.xmlsec.signature.support.provider.padding: Implementation of the MGF1 mask generation function.
MGF1(MessageDigest) - Constructor for class se.swedenconnect.opensaml.xmlsec.signature.support.provider.padding.MGF1: Constructor.

O

OpenSAMLInitializer - Class in se.swedenconnect.opensaml: Singleton class for initialization and configuration of the OpenSAML library.
OpenSAMLInitializer() - Constructor for class se.swedenconnect.opensaml.OpenSAMLInitializer
OpenSAMLInitializerConfig - Interface in se.swedenconnect.opensaml: Interface for customized initialization and configuration of OpenSAML.
OpenSAMLSecurityDefaultsConfig - Class in se.swedenconnect.opensaml: Initializer that modifies OpenSAML's default algorithms as returned by DefaultSecurityConfigurationBootstrap with the caller's own wishes for security defaults.
OpenSAMLSecurityDefaultsConfig(SecurityConfiguration) - Constructor for class se.swedenconnect.opensaml.OpenSAMLSecurityDefaultsConfig: Constructor.
OpenSAMLSecurityExtensionConfig - Class in se.swedenconnect.opensaml: Configuration that extends OpenSAML's signature support with RSA-PSS algorithms.
OpenSAMLSecurityExtensionConfig() - Constructor for class se.swedenconnect.opensaml.OpenSAMLSecurityExtensionConfig

P

Peer(String) - Constructor for class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectEncrypter.Peer: Constructor setting the entityID of the peer.
Peer(EntityDescriptor) - Constructor for class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectEncrypter.Peer: Constructor setting the peer metadata.
Pkcs11Decrypter - Class in se.swedenconnect.opensaml.xmlsec.encryption.support: An extension to OpenSAML's Decrypter class implementing a workaround for the problem that when using the SunPKCS11 crypto provider OAEPPadding does not work.
Pkcs11Decrypter(DecryptionParameters) - Constructor for class se.swedenconnect.opensaml.xmlsec.encryption.support.Pkcs11Decrypter: Constructor.
Pkcs11Decrypter(KeyInfoCredentialResolver, KeyInfoCredentialResolver, EncryptedKeyResolver) - Constructor for class se.swedenconnect.opensaml.xmlsec.encryption.support.Pkcs11Decrypter: Constructor.
Pkcs11Decrypter(KeyInfoCredentialResolver, KeyInfoCredentialResolver, EncryptedKeyResolver, Collection<String>, Collection<String>) - Constructor for class se.swedenconnect.opensaml.xmlsec.encryption.support.Pkcs11Decrypter: Constructor.
postInitialize() - Method in interface se.swedenconnect.opensaml.OpenSAMLInitializerConfig: Called after OpenSAML has been initialized.
postInitialize() - Method in class se.swedenconnect.opensaml.OpenSAMLSecurityDefaultsConfig: Updates OpenSAML with the security configuration for this object.
postInitialize() - Method in class se.swedenconnect.opensaml.OpenSAMLSecurityExtensionConfig: We don't know if a OpenSAMLSecurityDefaultsConfig object is sent to the initializer.
preInitialize() - Method in interface se.swedenconnect.opensaml.OpenSAMLInitializerConfig: Method that is called before OpenSAML is initialized.
preInitialize() - Method in class se.swedenconnect.opensaml.OpenSAMLSecurityDefaultsConfig: Does nothing.
preInitialize() - Method in class se.swedenconnect.opensaml.OpenSAMLSecurityExtensionConfig: The ECDH support requires that the Bouncy Castle crypto provider is installed.

S

SAML2IntSecurityConfiguration - Class in se.swedenconnect.opensaml.xmlsec.config: Security defaults according to Kantara's SAML2Int specification.
SAML2IntSecurityConfiguration() - Constructor for class se.swedenconnect.opensaml.xmlsec.config.SAML2IntSecurityConfiguration
SAMLObjectDecrypter - Class in se.swedenconnect.opensaml.xmlsec.encryption.support: A support bean for easy decryption.
SAMLObjectDecrypter(List<Credential>) - Constructor for class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectDecrypter: Constructor accepting several credentials (certificates or key pairs) to be used when decrypting.
SAMLObjectDecrypter(Credential) - Constructor for class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectDecrypter: Constructor given the credential to use to decrypt the messages (certificate or key pair).
SAMLObjectDecrypter(DecryptionConfiguration) - Constructor for class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectDecrypter: Initializes the decrypter using DecryptionConfiguration.
SAMLObjectDecrypter(DecryptionParameters) - Constructor for class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectDecrypter: Initializes the decrypter using DecryptionParameters.
SAMLObjectEncrypter - Class in se.swedenconnect.opensaml.xmlsec.encryption.support: Utility class for encrypting an element for a SAML entity.
SAMLObjectEncrypter() - Constructor for class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectEncrypter: Sets up the object encrypter without a metadata provider.
SAMLObjectEncrypter(MetadataResolver) - Constructor for class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectEncrypter: Sets up the object encrypter with a metadata resolver from where we find the peer credentials.
SAMLObjectEncrypter.Peer - Class in se.swedenconnect.opensaml.xmlsec.encryption.support: Represents the peer when performing encryption.
SAMLObjectSigner - Class in se.swedenconnect.opensaml.xmlsec.signature.support: Utility methods for signatures.
SCPSSPadding - Class in se.swedenconnect.opensaml.xmlsec.signature.support.provider.padding: Implements the RSA-PSS padding algorithm in accordance with PKCS#1 v2.1.
SCPSSPadding(MessageDigest, int) - Constructor for class se.swedenconnect.opensaml.xmlsec.signature.support.provider.padding.SCPSSPadding: Constructor for the PSS padding generator.
se.swedenconnect.opensaml - package se.swedenconnect.opensaml: Initializing interfaces and classes.
se.swedenconnect.opensaml.xmlsec.algorithm - package se.swedenconnect.opensaml.xmlsec.algorithm: Extended algorithm support by the OpenSAML security extensions library.
se.swedenconnect.opensaml.xmlsec.config - package se.swedenconnect.opensaml.xmlsec.config: Configuration implementations for the extensions to OpenSAML's XMLSec support.
se.swedenconnect.opensaml.xmlsec.encryption.support - package se.swedenconnect.opensaml.xmlsec.encryption.support: Extensions to OpenSAML support classes for encryption and decryption.
se.swedenconnect.opensaml.xmlsec.signature.support - package se.swedenconnect.opensaml.xmlsec.signature.support: Extensions to OpenSAML's signature support.
se.swedenconnect.opensaml.xmlsec.signature.support.provider - package se.swedenconnect.opensaml.xmlsec.signature.support.provider: Extended signature provider support.
se.swedenconnect.opensaml.xmlsec.signature.support.provider.padding - package se.swedenconnect.opensaml.xmlsec.signature.support.provider.padding: Padding functionality for RSAPSS.
SecurityConfiguration - Interface in se.swedenconnect.opensaml.xmlsec.config: An interface that enables us to work with security configurations and defaults in a simple fashion.
setAlgorithmRegistry(AlgorithmRegistry) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectEncrypter: Sets the AlgorithmRegistry instance used when resolving algorithm URIs.
setBlacklistedAlgorithms(Collection<String>) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectDecrypter: Assigns a list of black listed algorithms
setDefaultEncryptionConfiguration(EncryptionConfiguration) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectEncrypter: Sets the default encryption configuration to use.
setEncrypter(Encrypter) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectEncrypter: The encrypter to use.
setParserPool(ParserPool) - Method in class se.swedenconnect.opensaml.OpenSAMLInitializer: Set the global ParserPool to configure.
setPkcs11testMode(boolean) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectDecrypter: For internal testing only.
setPkcs11Workaround(boolean) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectDecrypter: If using a HSM it is likely that the SunPKCS11 crypto provider is used.
setSalt(byte[]) - Method in class se.swedenconnect.opensaml.xmlsec.signature.support.provider.padding.SCPSSPadding: Inject a predefined salt value
setTestMode(boolean) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.Pkcs11Decrypter: Should we run this class in test mode? By using test mode, the customized code where we handle padding for OAEP is executed even if the SunPKCS11 provider is not in use.
setWhitelistedAlgorithms(Collection<String>) - Method in class se.swedenconnect.opensaml.xmlsec.encryption.support.SAMLObjectDecrypter: Assigns a list of white listed algorithms
sign(T, Credential, SignatureSigningConfiguration...) - Static method in class se.swedenconnect.opensaml.xmlsec.signature.support.SAMLObjectSigner: Signs the supplied SAML object using the supplied credentials and signature configuration(s).
sign(T, Credential, SignatureSigningConfiguration, EntityDescriptor) - Static method in class se.swedenconnect.opensaml.xmlsec.signature.support.SAMLObjectSigner: Signs the supplied SAML object using the supplied credentials and signature configuration and also handles the peer signature requirements.
signObject(Signature) - Method in class se.swedenconnect.opensaml.xmlsec.signature.support.provider.ExtendedSignerProvider: Tests if the signing key is a SUN PKCS#11 key and the signing algorithm is RSA-PSS.

A B C D E G I M O P S
All Classes and Interfaces|All Packages