#include <saml/saml2/core/Assertions.h>
Public Member Functions | |
virtual EncryptedElementType * | cloneEncryptedElementType () const =0 |
Type-specific clone method. | |
virtual xmlencryption::EncryptedData * | getEncryptedData () const =0 |
Returns the EncryptedData child. | |
virtual void | setEncryptedData (xmlencryption::EncryptedData *child)=0 |
Sets the EncryptedData child. | |
virtual xmltooling::XMLObjectChildrenList < std::vector < xmlencryption::EncryptedKey * > > | getEncryptedKeys ()=0 |
Returns modifiable EncryptedKey collection. | |
virtual const std::vector < xmlencryption::EncryptedKey * > & | getEncryptedKeys () const =0 |
Returns reference to immutable EncryptedKey collection. | |
virtual void | encrypt (const EncryptableObject &xmlObject, const saml2md::MetadataProvider &metadataProvider, saml2md::MetadataCredentialCriteria &criteria, bool compact=false, const XMLCh *algorithm=0) |
Encrypts an object to a single recipient using this object as a container. | |
virtual void | encrypt (const EncryptableObject &xmlObject, const std::vector< std::pair< const saml2md::MetadataProvider *, saml2md::MetadataCredentialCriteria * > > &recipients, bool compact=false, const XMLCh *algorithm=0) |
Encrypts an object to multiple recipients using this object as a container. | |
virtual xmltooling::XMLObject * | decrypt (const xmltooling::CredentialResolver &credResolver, const XMLCh *recipient, xmltooling::CredentialCriteria *criteria=0, bool requireAuthenticatedCipher=false) const |
Decrypts the element using the supplied CredentialResolver. | |
Static Public Attributes | |
static const XMLCh | LOCAL_NAME [] |
Element local name. | |
static const XMLCh | TYPE_NAME [] |
EncryptedElementType local name. |
virtual EncryptedElementType* opensaml::saml2::EncryptedElementType::cloneEncryptedElementType | ( | ) | const [pure virtual] |
Type-specific clone method.
virtual xmlencryption :: EncryptedData* opensaml::saml2::EncryptedElementType::getEncryptedData | ( | ) | const [pure virtual] |
Returns the EncryptedData child.
virtual void opensaml::saml2::EncryptedElementType::setEncryptedData | ( | xmlencryption::EncryptedData * | child | ) | [pure virtual] |
Sets the EncryptedData child.
virtual xmltooling::XMLObjectChildrenList< std::vector< xmlencryption :: EncryptedKey *> > opensaml::saml2::EncryptedElementType::getEncryptedKeys | ( | ) | [pure virtual] |
Returns modifiable EncryptedKey collection.
virtual const std::vector< xmlencryption :: EncryptedKey *>& opensaml::saml2::EncryptedElementType::getEncryptedKeys | ( | ) | const [pure virtual] |
Returns reference to immutable EncryptedKey collection.
virtual void opensaml::saml2::EncryptedElementType::encrypt | ( | const EncryptableObject & | xmlObject, | |
const saml2md::MetadataProvider & | metadataProvider, | |||
saml2md::MetadataCredentialCriteria & | criteria, | |||
bool | compact = false , |
|||
const XMLCh * | algorithm = 0 | |||
) | [virtual] |
Encrypts an object to a single recipient using this object as a container.
xmlObject | object to encrypt | |
metadataProvider | a locked MetadataProvider to supply encryption keys | |
criteria | metadata-based CredentialCriteria to use | |
compact | true iff compact KeyInfo should be used | |
algorithm | optionally specifies data encryption algorithm if none can be determined from metadata |
virtual void opensaml::saml2::EncryptedElementType::encrypt | ( | const EncryptableObject & | xmlObject, | |
const std::vector< std::pair< const saml2md::MetadataProvider *, saml2md::MetadataCredentialCriteria * > > & | recipients, | |||
bool | compact = false , |
|||
const XMLCh * | algorithm = 0 | |||
) | [virtual] |
Encrypts an object to multiple recipients using this object as a container.
xmlObject | object to encrypt | |
recipients | pairs containing a locked MetadataProvider to supply encryption keys, and a metadata-based CredentialCriteria to use | |
compact | true iff compact KeyInfo should be used | |
algorithm | optionally specifies data encryption algorithm if none can be determined from metadata |
virtual xmltooling::XMLObject* opensaml::saml2::EncryptedElementType::decrypt | ( | const xmltooling::CredentialResolver & | credResolver, | |
const XMLCh * | recipient, | |||
xmltooling::CredentialCriteria * | criteria = 0 , |
|||
bool | requireAuthenticatedCipher = false | |||
) | const [virtual] |
Decrypts the element using the supplied CredentialResolver.
The object returned will be unmarshalled around the decrypted DOM element in a new Document owned by the object.
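The final boolean parameter enforces a requirement for an authenticated cipher suite such as AES-GCM or similar. These ciphers include an HMAC or equivalent integrity step that detects tampering with the ciphertext. The parameter defaults to false, so the requirement applies only when a caller passes true explicitly. Newer applications should set this parameter to true unless the ciphertext has been independently authenticated, and even in such a case, it is rarely possible to prevent chosen ciphertext attacks by trusted signers (a signature identifies who produced the ciphertext, not that the ciphertext is well-formed).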
credResolver | locked resolver supplying decryption keys | |
recipient | identifier naming the recipient (the entity performing the decryption) | |
criteria | optional external criteria to use with resolver | |
requireAuthenticatedCipher | true iff the bulk data encryption algorithm must be an authenticated cipher (defaults to false, in which case this requirement is not enforced) |