Class ExtendedDefaultSecurityConfigurationBootstrap
java.lang.Object
org.opensaml.xmlsec.config.impl.DefaultSecurityConfigurationBootstrap
se.swedenconnect.opensaml.xmlsec.config.ExtendedDefaultSecurityConfigurationBootstrap
public class ExtendedDefaultSecurityConfigurationBootstrap
extends DefaultSecurityConfigurationBootstrap
Extends OpenSAML's
DefaultSecurityConfigurationBootstrap with support for the RSA-PSS signature algorithms.
Note: Even though OpenSAML 5.x has introduced support for RSA-PSS algorithms, they are not part of the
DefaultSecurityConfigurationBootstrap, so this class is still needed.
- Author:
- Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)
-
Field Summary
Fields inherited from class org.opensaml.xmlsec.config.impl.DefaultSecurityConfigurationBootstrap
CONCATKDF, CONFIG_PROPERTY_ECDH_DEFAULT_KDF, PBKDF2 -
Constructor Summary
ConstructorsModifierConstructorDescriptionprotectedConstructor. -
Method Summary
Modifier and TypeMethodDescriptionprotected static EncryptedKeyResolverBuild a basic instance ofEncryptedKeyResolver.ExtendsDefaultSecurityConfigurationBootstrap.buildDefaultSignatureSigningConfiguration()with http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1, http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1 and http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1.Given aSignatureSigningConfigurationthe method ensures that the signature algorithms http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1, http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1 and http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1 are among the signature algorithms and returns aBasicSignatureSigningConfigurationobject.Methods inherited from class org.opensaml.xmlsec.config.impl.DefaultSecurityConfigurationBootstrap
buildBasicInlineKeyInfoCredentialResolver, buildBasicKeyInfoGeneratorManager, buildDataEncryptionKeyInfoGeneratorManager, buildDefaultDecryptionConfiguration, buildDefaultEncryptionConfiguration, buildDefaultSignatureValidationConfiguration, buildKeyAgreementConfigurations, buildKeyTransportEncryptionKeyInfoGeneratorManager, buildSignatureKeyInfoGeneratorManager
-
Constructor Details
-
ExtendedDefaultSecurityConfigurationBootstrap
protected ExtendedDefaultSecurityConfigurationBootstrap()Constructor.
-
-
Method Details
-
buildDefaultSignatureSigningConfiguration
ExtendsDefaultSecurityConfigurationBootstrap.buildDefaultSignatureSigningConfiguration()with http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1, http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1 and http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1.- Returns:
- signature signing configuration
-
buildDefaultSignatureSigningConfiguration
public static BasicSignatureSigningConfiguration buildDefaultSignatureSigningConfiguration(SignatureSigningConfiguration config) Given aSignatureSigningConfigurationthe method ensures that the signature algorithms http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1, http://www.w3.org/2007/05/xmldsig-more#sha384-rsa-MGF1 and http://www.w3.org/2007/05/xmldsig-more#sha512-rsa-MGF1 are among the signature algorithms and returns aBasicSignatureSigningConfigurationobject.- Parameters:
config- the configuration- Returns:
- a signing configuration with RSA-PSS algorithms included
-
buildBasicEncryptedKeyResolver
Build a basic instance ofEncryptedKeyResolver. Extends the one fromDefaultSecurityConfigurationBootstrapwithEncryptedElementTypeEncryptedKeyResolver.- Returns:
- an EncryptedKey resolver instance
-