https://issues.shibboleth.net/jira/browse/CPPXT-31

[shibboleth/cpp-xmltooling.git] / xmltooling / security / CredentialCriteria.h

diff --git a/xmltooling/security/CredentialCriteria.h b/xmltooling/security/CredentialCriteria.h
index 2936f1a..4011bba 100644 (file)
--- a/xmltooling/security/CredentialCriteria.h
+++ b/xmltooling/security/CredentialCriteria.h
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2009 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -25,7 +25,7 @@
 
 #include <xmltooling/XMLToolingConfig.h>
 #include <xmltooling/security/KeyInfoResolver.h>
-#include <xmltooling/security/X509Credential.h>
+#include <xmltooling/security/Credential.h>
 #include <xmltooling/signature/KeyInfo.h>
 #include <xmltooling/signature/Signature.h>
 
@@ -58,20 +58,20 @@ namespace xmltooling {
         virtual bool matches(const Credential& credential) const;
        
         /**
-         * Get the key usage criteria.
+         * Get key usage criteria.
          * 
-         * @return the usage.
+         * @return the usage mask
          */
-        Credential::UsageTypes getUsage() const {
+        unsigned int getUsage() const {
             return m_keyUsage;
         }
     
         /**
-         * Set the key usage criteria.
+         * Set key usage criteria.
          * 
-         * @param usage the usage to set
+         * @param usage the usage mask to set
          */
-        void setUsage(Credential::UsageTypes usage) {
+        void setUsage(unsigned int usage) {
             m_keyUsage = usage;
         }
 
@@ -196,8 +196,7 @@ namespace xmltooling {
          */
         enum keyinfo_extraction_t {
             KEYINFO_EXTRACTION_KEY = 1,
-            KEYINFO_EXTRACTION_KEYNAMES = 2,
-            KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES = 4
+            KEYINFO_EXTRACTION_KEYNAMES = 2
         };
 
         /**
@@ -215,27 +214,7 @@ namespace xmltooling {
          * @param keyInfo       the KeyInfo criteria
          * @param extraction    bitmask of criteria to auto-extract from KeyInfo
          */
-        virtual void setKeyInfo(const xmlsignature::KeyInfo* keyInfo, int extraction=0) {
-            delete m_credential;
-            m_credential = NULL;
-            m_keyInfo = keyInfo;
-            if (!keyInfo || !extraction)
-                return;
-
-            int types = (extraction & KEYINFO_EXTRACTION_KEY) ? Credential::RESOLVE_KEYS : 0;
-            types |= (extraction & KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES) ? X509Credential::RESOLVE_CERTS : 0;
-            m_credential = XMLToolingConfig::getConfig().getKeyInfoResolver()->resolve(keyInfo,types);
-
-            if (extraction & KEYINFO_EXTRACTION_KEY)
-                setPublicKey(m_credential->getPublicKey());
-            if (extraction & KEYINFO_EXTRACTION_KEYNAMES)
-                m_keyNames.insert(m_credential->getKeyNames().begin(), m_credential->getKeyNames().end());
-            if (extraction & KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES) {
-                const X509Credential* xcred = dynamic_cast<const X509Credential*>(m_credential);
-                if (xcred && !xcred->getEntityCertificateChain().empty())
-                    X509Credential::extractNames(xcred->getEntityCertificateChain().front(), m_keyNames);
-            }
-        } 
+        virtual void setKeyInfo(const xmlsignature::KeyInfo* keyInfo, int extraction=0);
 
         /**
          * Gets the native KeyInfo criteria.
@@ -252,27 +231,7 @@ namespace xmltooling {
          * @param keyInfo       the KeyInfo criteria
          * @param extraction    bitmask of criteria to auto-extract from KeyInfo
          */
-        virtual void setNativeKeyInfo(DSIGKeyInfoList* keyInfo, int extraction=0) {
-            delete m_credential;
-            m_credential = NULL;
-            m_nativeKeyInfo = keyInfo;
-            if (!keyInfo || !extraction)
-                return;
-
-            int types = (extraction & KEYINFO_EXTRACTION_KEY) ? Credential::RESOLVE_KEYS : 0;
-            types |= (extraction & KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES) ? X509Credential::RESOLVE_CERTS : 0;
-            m_credential = XMLToolingConfig::getConfig().getKeyInfoResolver()->resolve(keyInfo,types);
-
-            if (extraction & KEYINFO_EXTRACTION_KEY)
-                setPublicKey(m_credential->getPublicKey());
-            if (extraction & KEYINFO_EXTRACTION_KEYNAMES)
-                m_keyNames.insert(m_credential->getKeyNames().begin(), m_credential->getKeyNames().end());
-            if (extraction & KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES) {
-                const X509Credential* xcred = dynamic_cast<const X509Credential*>(m_credential);
-                if (xcred && !xcred->getEntityCertificateChain().empty())
-                    X509Credential::extractNames(xcred->getEntityCertificateChain().front(), m_keyNames);
-            }
-        }
+        virtual void setNativeKeyInfo(DSIGKeyInfoList* keyInfo, int extraction=0);
 
         /**
          * Sets the KeyInfo criteria from an XML Signature.
@@ -280,18 +239,10 @@ namespace xmltooling {
          * @param sig           the Signature containing KeyInfo criteria
          * @param extraction    bitmask of criteria to auto-extract from KeyInfo
          */
-        void setSignature(const xmlsignature::Signature& sig, int extraction=0) {
-            setXMLAlgorithm(sig.getSignatureAlgorithm());
-            xmlsignature::KeyInfo* k = sig.getKeyInfo();
-            if (k)
-                return setKeyInfo(k,extraction);
-            DSIGSignature* dsig = sig.getXMLSignature();
-            if (dsig)
-                setNativeKeyInfo(dsig->getKeyInfoList(),extraction);
-        }
+        void setSignature(const xmlsignature::Signature& sig, int extraction=0);
 
     private:
-        Credential::UsageTypes m_keyUsage;
+        unsigned int m_keyUsage;
         unsigned int m_keySize;
         std::string m_peerName,m_keyAlgorithm;
         std::set<std::string> m_keyNames;