/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <xmltooling/XMLToolingConfig.h>
#include <xmltooling/security/KeyInfoResolver.h>
-#include <xmltooling/security/X509Credential.h>
+#include <xmltooling/security/Credential.h>
#include <xmltooling/signature/KeyInfo.h>
#include <xmltooling/signature/Signature.h>
virtual bool matches(const Credential& credential) const;
/**
- * Get the key usage criteria.
+ * Get key usage criteria.
*
- * @return the usage.
+ * @return the usage mask
*/
- Credential::UsageTypes getUsage() const {
+ unsigned int getUsage() const {
return m_keyUsage;
}
/**
- * Set the key usage criteria.
+ * Set key usage criteria.
*
- * @param usage the usage to set
+ * @param usage the usage mask to set
*/
- void setUsage(Credential::UsageTypes usage) {
+ void setUsage(unsigned int usage) {
m_keyUsage = usage;
}
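Review bot: `setUsage(unsigned int usage)` now accepts any integer, so the compiler no longer rejects a value that is not one of the `Credential::UsageTypes` constants, and the new `@param usage the usage mask to set` does not say which bits are defined. I would document it as `@param usage bitmask of Credential::UsageTypes values; other bits are undefined`, and state on `getUsage()` how a zero mask is to be read. `matches()` is declared just above but defined outside this hunk, so it is worth confirming that it tests the mask bitwise rather than by equality. If it does not, a combined mask could match nothing, or a stray bit could change which credential is selected.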
*/
enum keyinfo_extraction_t {
KEYINFO_EXTRACTION_KEY = 1,
- KEYINFO_EXTRACTION_KEYNAMES = 2,
- KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES = 4
+ KEYINFO_EXTRACTION_KEYNAMES = 2
};
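Review bot: With `KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES = 4` removed, the `extraction` parameters declared below are still plain `int`, so a caller passing a literal or stored value with bit 4 set still compiles and is presumably ignored without any diagnostic. The enum's comment (it opens outside this hunk) should say which bits remain defined and what happens to the rest, e.g. `Bits other than KEYINFO_EXTRACTION_KEY and KEYINFO_EXTRACTION_KEYNAMES are ignored.` If the out-of-line setters are meant to reject unknown bits instead, that belongs in the same comment.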
/**
* @param keyInfo the KeyInfo criteria
* @param extraction bitmask of criteria to auto-extract from KeyInfo
*/
- virtual void setKeyInfo(const xmlsignature::KeyInfo* keyInfo, int extraction=0) {
- delete m_credential;
- m_credential = NULL;
- m_keyInfo = keyInfo;
- if (!keyInfo || !extraction)
- return;
-
- int types = (extraction & KEYINFO_EXTRACTION_KEY) ? Credential::RESOLVE_KEYS : 0;
- types |= (extraction & KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES) ? X509Credential::RESOLVE_CERTS : 0;
- m_credential = XMLToolingConfig::getConfig().getKeyInfoResolver()->resolve(keyInfo,types);
-
- if (extraction & KEYINFO_EXTRACTION_KEY)
- setPublicKey(m_credential->getPublicKey());
- if (extraction & KEYINFO_EXTRACTION_KEYNAMES)
- m_keyNames.insert(m_credential->getKeyNames().begin(), m_credential->getKeyNames().end());
- if (extraction & KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES) {
- const X509Credential* xcred = dynamic_cast<const X509Credential*>(m_credential);
- if (xcred && !xcred->getEntityCertificateChain().empty())
- X509Credential::extractNames(xcred->getEntityCertificateChain().front(), m_keyNames);
- }
- }
+ virtual void setKeyInfo(const xmlsignature::KeyInfo* keyInfo, int extraction=0);
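Review bot: The doc comment on `setKeyInfo` says nothing about pointer lifetime or about the trust status of what is extracted, and with the body now out of line a reader of this header can no longer see either. The removed inline version stored `keyInfo` without copying and called `m_credential->getPublicKey()` directly on the resolver's return value, so the new definition (not visible here) should be checked for a null test on the `resolve()` result before that dereference. Assuming the pointer is still stored rather than copied, I would add `The KeyInfo is not copied and must outlive this object.` and `Keys and names extracted from KeyInfo are unverified, sender-supplied hints for credential lookup, not trusted values.` The same points apply to `setNativeKeyInfo` and `setSignature` below.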
/**
* Gets the native KeyInfo criteria.
* @param keyInfo the KeyInfo criteria
* @param extraction bitmask of criteria to auto-extract from KeyInfo
*/
- virtual void setNativeKeyInfo(DSIGKeyInfoList* keyInfo, int extraction=0) {
- delete m_credential;
- m_credential = NULL;
- m_nativeKeyInfo = keyInfo;
- if (!keyInfo || !extraction)
- return;
-
- int types = (extraction & KEYINFO_EXTRACTION_KEY) ? Credential::RESOLVE_KEYS : 0;
- types |= (extraction & KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES) ? X509Credential::RESOLVE_CERTS : 0;
- m_credential = XMLToolingConfig::getConfig().getKeyInfoResolver()->resolve(keyInfo,types);
-
- if (extraction & KEYINFO_EXTRACTION_KEY)
- setPublicKey(m_credential->getPublicKey());
- if (extraction & KEYINFO_EXTRACTION_KEYNAMES)
- m_keyNames.insert(m_credential->getKeyNames().begin(), m_credential->getKeyNames().end());
- if (extraction & KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES) {
- const X509Credential* xcred = dynamic_cast<const X509Credential*>(m_credential);
- if (xcred && !xcred->getEntityCertificateChain().empty())
- X509Credential::extractNames(xcred->getEntityCertificateChain().front(), m_keyNames);
- }
- }
+ virtual void setNativeKeyInfo(DSIGKeyInfoList* keyInfo, int extraction=0);
/**
* Sets the KeyInfo criteria from an XML Signature.
* @param sig the Signature containing KeyInfo criteria
* @param extraction bitmask of criteria to auto-extract from KeyInfo
*/
- void setSignature(const xmlsignature::Signature& sig, int extraction=0) {
- setXMLAlgorithm(sig.getSignatureAlgorithm());
- xmlsignature::KeyInfo* k = sig.getKeyInfo();
- if (k)
- return setKeyInfo(k,extraction);
- DSIGSignature* dsig = sig.getXMLSignature();
- if (dsig)
- setNativeKeyInfo(dsig->getKeyInfoList(),extraction);
- }
+ void setSignature(const xmlsignature::Signature& sig, int extraction=0);
private:
- Credential::UsageTypes m_keyUsage;
+ unsigned int m_keyUsage;
unsigned int m_keySize;
std::string m_peerName,m_keyAlgorithm;
std::set<std::string> m_keyNames;