Make hex encoding optional to allow replacement of deprecated version.

[shibboleth/cpp-xmltooling.git] / xmltooling / security / X509Credential.h

diff --git a/xmltooling/security/X509Credential.h b/xmltooling/security/X509Credential.h
index 6442ca1..86df5e2 100644 (file)
--- a/xmltooling/security/X509Credential.h
+++ b/xmltooling/security/X509Credential.h
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2009 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -24,22 +24,23 @@
 #define __xmltooling_x509cred_h__
 
 #include <xmltooling/security/Credential.h>
-#include <xmltooling/security/XSECCryptoX509CRL.h>
 
-#include <xsec/enc/XSECCryptoX509.hpp>
+class XSECCryptoX509;
 
 namespace xmltooling {
 
+    class XMLTOOL_API XSECCryptoX509CRL;
+
     /**
      * Wraps an X.509-based Credential.
      */
     class XMLTOOL_API X509Credential : public virtual Credential
     {
     protected:
-        X509Credential() {}
+        X509Credential();
         
     public:
-        virtual ~X509Credential() {}
+        virtual ~X509Credential();
 
         /**
          * Bitmask constants for limiting resolution process inside a CredentialResolver. 
@@ -50,6 +51,15 @@ namespace xmltooling {
         };
 
         /**
+         * Bitmask of supported KeyInfo content to generate. 
+         */
+        enum KeyInfoTypes {
+            KEYINFO_X509_CERTIFICATE = 4,
+            KEYINFO_X509_SUBJECTNAME = 8,
+            KEYINFO_X509_ISSUERSERIAL = 16
+        };
+
+        /**
          * Gets an immutable collection of certificates in the entity's trust chain. The entity certificate is contained
          * within this list. No specific ordering of the certificates is guaranteed.
          * 
@@ -58,6 +68,8 @@ namespace xmltooling {
         virtual const std::vector<XSECCryptoX509*>& getEntityCertificateChain() const=0;
 
         /**
+         * @deprecated
+         *
          * Gets a CRL associated with the credential.
          * 
          * @return CRL associated with the credential
@@ -65,12 +77,38 @@ namespace xmltooling {
         virtual XSECCryptoX509CRL* getCRL() const=0;
 
         /**
-         * Extracts Subject CN and DNS/URI subjectAltNames from a certificate.
+         * Gets an immutable collection of all CRLs associated with the credential.
+         * 
+         * @return CRLs associated with the credential
+         */
+        virtual const std::vector<XSECCryptoX509CRL*>& getCRLs() const=0;
+
+
+        /**
+         * Gets the subject name of the first certificate in the chain.
          *
-         * @param x509  certificate to extract
-         * @param names a set to insert names into
+         * @return the Subject DN
+         */
+        virtual const char* getSubjectName() const=0;
+
+        /**
+         * Gets the issuer name of the first certificate in the chain.
+         *
+         * @return the Issuer DN
+         */
+        virtual const char* getIssuerName() const=0;
+
+        /**
+         * Gets the serial number of the first certificate in the chain.
+         *
+         * @return the serial number
+         */
+        virtual const char* getSerialNumber() const=0;
+
+        /**
+         * Extracts properties like issuer and subject from the first certificate in the chain.
          */
-        static void extractNames(XSECCryptoX509* x509, std::set<std::string>& names);
+        virtual void extract()=0;
     };
 };