KeyInfo AttributeDecoder

The decoder, indicated by xsi:type="KeyInfoAttributeDecoder", processes SAML attribute values that take the form of a <ds:KeyInfo> element (or the equivalent schema type).

Its current capability is to rely on a KeyInfoResolver plugin to transform the input data into a public key, after which it is DER-encoded into its SubjectPublicKeyInfo form and then base64-encoded.

Attributes

Any of the Common Attributes can be specified In addition the following can be used

Name	Type	Default	Description
`hash`	boolean	`false`	If set to true, the resulting DER-encoded key values are hashed via SHA-1 before being base64-encoded. Note that this is a different hashing operation than the generic one supported with the `hashAlg` attribute, described under common attributes.
`keyInfoHashAlg`	string	"SHA1"	Optional name of hashing algorithm to use if the `hash` option is enabled. The algorithm names to use here are dependent on the cryptographic library that supplies the hashing. In the case of OpenSSL, they're simple names like "SHA1" or "SHA256".

Child Elements

Name	Cardinality		Description
<`KeyInfoResolver`>	0 or 1		Allows an alternate implementation to be supplied for mapping the data inside a `<ds:KeyInfo>` structure into a public key. The default implementation used, if no plugin is specified, is an "inline" implementation that understands `<ds:KeyValue>` and `<ds:X509Certificate>` content.

Example

<TBD/>