-/*\r
- * Copyright 2001-2006 Internet2\r
- * \r
- * Licensed under the Apache License, Version 2.0 (the "License");\r
- * you may not use this file except in compliance with the License.\r
- * You may obtain a copy of the License at\r
- *\r
- * http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- * Unless required by applicable law or agreed to in writing, software\r
- * distributed under the License is distributed on an "AS IS" BASIS,\r
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * See the License for the specific language governing permissions and\r
- * limitations under the License.\r
- */\r
-\r
-/**\r
- * @file saml/security/ChainingTrustEngine.h\r
- * \r
- * X509TrustEngine that uses multiple engines in sequence.\r
- */\r
-\r
-#ifndef __saml_chaintrust_h__\r
-#define __saml_chaintrust_h__\r
-\r
-#include <saml/security/X509TrustEngine.h>\r
-\r
-namespace opensaml {\r
-\r
- /**\r
- * X509TrustEngine that uses multiple engines in sequence.\r
- */\r
- class SAML_API ChainingTrustEngine : public X509TrustEngine {\r
- public:\r
- /**\r
- * Constructor.\r
- * \r
- * If a DOM is supplied, the following XML content is supported:\r
- * \r
- * <ul>\r
- * <li><TrustEngine> elements with a type attribute\r
- * </ul>\r
- * \r
- * XML namespaces are ignored in the processing of this content.\r
- * \r
- * @param e DOM to supply configuration for provider\r
- */\r
- ChainingTrustEngine(const DOMElement* e=NULL);\r
- \r
- /**\r
- * Destructor will delete any embedded engines.\r
- */\r
- virtual ~ChainingTrustEngine();\r
-\r
- /**\r
- * Adds a trust engine for future calls.\r
- * \r
- * @param newEngine trust engine to add\r
- */\r
- void addTrustEngine(X509TrustEngine* newEngine) {\r
- m_engines.push_back(newEngine);\r
- }\r
-\r
- /**\r
- * Removes a trust engine. The caller must delete the engine if necessary.\r
- * \r
- * @param oldEngine trust engine to remove\r
- * @return the old engine\r
- */\r
- X509TrustEngine* removeTrustEngine(X509TrustEngine* oldEngine) {\r
- for (std::vector<X509TrustEngine*>::iterator i=m_engines.begin(); i!=m_engines.end(); i++) {\r
- if (oldEngine==(*i)) {\r
- m_engines.erase(i);\r
- return oldEngine;\r
- }\r
- }\r
- return NULL;\r
- }\r
-\r
- virtual bool validate(\r
- xmlsignature::Signature& sig,\r
- const saml2md::RoleDescriptor& role,\r
- const xmlsignature::KeyResolver* keyResolver=NULL\r
- );\r
- virtual bool validate(\r
- XSECCryptoX509* certEE,\r
- const std::vector<XSECCryptoX509*>& certChain,\r
- const saml2md::RoleDescriptor& role,\r
- bool checkName=true,\r
- const xmlsignature::KeyResolver* keyResolver=NULL\r
- );\r
-\r
- private:\r
- std::vector<X509TrustEngine*> m_engines;\r
- };\r
- \r
-};\r
-\r
-#endif /* __saml_chaintrust_h__ */\r
+/*
+ * Copyright 2001-2006 Internet2
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * @file saml/security/ChainingTrustEngine.h
+ *
+ * X509TrustEngine that uses multiple engines in sequence.
+ */
+
+#ifndef __saml_chaintrust_h__
+#define __saml_chaintrust_h__
+
+#include <saml/security/X509TrustEngine.h>
+
+namespace opensaml {
+
+ /**
+ * X509TrustEngine that uses multiple engines in sequence.
+ */
+ class SAML_API ChainingTrustEngine : public X509TrustEngine {
+ public:
+ /**
+ * Constructor.
+ *
+ * If a DOM is supplied, the following XML content is supported:
+ *
+ * <ul>
+ * <li><TrustEngine> elements with a type attribute
+ * </ul>
+ *
+ * XML namespaces are ignored in the processing of this content.
+ *
+ * @param e DOM to supply configuration for provider
+ */
+ ChainingTrustEngine(const DOMElement* e=NULL);
+
+ /**
+ * Destructor will delete any embedded engines.
+ */
+ virtual ~ChainingTrustEngine();
+
+ /**
+ * Adds a trust engine for future calls.
+ *
+ * @param newEngine trust engine to add
+ */
+ void addTrustEngine(X509TrustEngine* newEngine) {
+ m_engines.push_back(newEngine);
+ }
+
+ /**
+ * Removes a trust engine. The caller must delete the engine if necessary.
+ *
+ * @param oldEngine trust engine to remove
+ * @return the old engine
+ */
+ X509TrustEngine* removeTrustEngine(X509TrustEngine* oldEngine) {
+ for (std::vector<X509TrustEngine*>::iterator i=m_engines.begin(); i!=m_engines.end(); i++) {
+ if (oldEngine==(*i)) {
+ m_engines.erase(i);
+ return oldEngine;
+ }
+ }
+ return NULL;
+ }
+
+ virtual bool validate(
+ xmlsignature::Signature& sig,
+ const saml2md::RoleDescriptor& role,
+ const xmlsignature::KeyResolver* keyResolver=NULL
+ ) const;
+ virtual bool validate(
+ const XMLCh* sigAlgorithm,
+ const char* sig,
+ xmlsignature::KeyInfo* keyInfo,
+ const char* in,
+ unsigned int in_len,
+ const saml2md::RoleDescriptor& role,
+ const xmlsignature::KeyResolver* keyResolver=NULL
+ ) const;
+ virtual bool validate(
+ XSECCryptoX509* certEE,
+ const std::vector<XSECCryptoX509*>& certChain,
+ const saml2md::RoleDescriptor& role,
+ bool checkName=true,
+ const xmlsignature::KeyResolver* keyResolver=NULL
+ ) const;
+
+ private:
+ std::vector<X509TrustEngine*> m_engines;
+ };
+
+};
+
+#endif /* __saml_chaintrust_h__ */