SAML2CryptoProvider (OpenAM Project 15.1.7-SNAPSHOT API)

All Known Implementing Classes:

FauxSAML2CryptoProvider, SAML2CryptoProviderImpl
```
public interface SAML2CryptoProvider
```
Encapsulates the concerns of obtaining the Crypto context necessary to sign and encrypt SAML2 assertions.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`PrivateKey`	`getIDPPrivateKey(String keyAlias, String keyPassword)` Returns the PrivateKey corresponding to the PrivateKeyEntry containing the SAML2 Identity Provider's private key.
`X509Certificate`	`getIDPX509Certificate(String certAlias)` Returns the IDP's X509Certificate.
`X509Certificate`	`getSPX509Certificate(String certAlias)` Returns the SP's X509Certificate.

- Method Detail
  - getIDPX509Certificate
```
X509Certificate getIDPX509Certificate(String certAlias)
                               throws TokenCreationException
```
    Returns the IDP's X509Certificate. Is the X509Certificate associated with the PrivateKeyEntry used to sign SAML2 assertions (note this should really return a X509Certificate[], but the OpenAM Assertion class, which encapsulates assertion signing, only allows for a single X509Certificate).
    
    Parameters:
    
    certAlias - the alias corresponding to the SAML2 IdentityProvider's PrivateKeyEntry
    
    Returns:
    
    the X509Certificate - null will not be returned.
    
    Throws:
    
    TokenCreationException - if no entry corresponds to the specified alias
  - getSPX509Certificate
```
X509Certificate getSPX509Certificate(String certAlias)
                              throws TokenCreationException
```
    Returns the SP's X509Certificate. Is the X509Certificate with TrustedCertificateEntry corresponding to the SAML2 ServiceProvider corresponding to the published STS instance. Used to encrypt the generated symmetric key used to encrypt assertion state. In other words, SAML2 assertion encryption involves the generation of a symmetric key, which is used to encrypt the assertion, which includes the generated symmetric key, which is encrypted with the SP's public key.
    
    Parameters:
    
    certAlias - the alias corresponding to the SAML2 ServiceProviders TrustedCertificateEntry
    
    Returns:
    
    the X509Certificate - null will not be returned.
    
    Throws:
    
    TokenCreationException - if no entry corresponds to the specified alias
  - getIDPPrivateKey
```
PrivateKey getIDPPrivateKey(String keyAlias,
                            String keyPassword)
                     throws TokenCreationException
```
    Returns the PrivateKey corresponding to the PrivateKeyEntry containing the SAML2 Identity Provider's private key.
    
    Parameters:
    
    keyAlias - the alias referencing the PrivateKeyEntry
    
    keyPassword - the password for the PrivateKeyEntry
    
    Returns:
    
    the PrivateKey - null will not be returned
    
    Throws:
    
    TokenCreationException - if no entry could be returned corresponding to the alias-password combination

Interface SAML2CryptoProvider

Method Summary

Method Detail

getIDPX509Certificate

getSPX509Certificate

getIDPPrivateKey