-/*
- * Copyright 2001-2007 Internet2
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
*/
/**
#define __xmltooling_x509cred_h__
#include <xmltooling/security/Credential.h>
-#include <xmltooling/security/XSECCryptoX509CRL.h>
-#include <xsec/enc/XSECCryptoX509.hpp>
+class XSECCryptoX509;
namespace xmltooling {
+ class XMLTOOL_API XSECCryptoX509CRL;
+
/**
* Wraps an X.509-based Credential.
*/
class XMLTOOL_API X509Credential : public virtual Credential
{
protected:
- X509Credential() {}
+ X509Credential();
public:
- virtual ~X509Credential() {}
+ virtual ~X509Credential();
/**
* Bitmask constants for limiting resolution process inside a CredentialResolver.
};
/**
+ * Bitmask of supported KeyInfo content to generate.
+ */
+ enum KeyInfoTypes {
+ KEYINFO_X509_CERTIFICATE = 4,
+ KEYINFO_X509_SUBJECTNAME = 8,
+ KEYINFO_X509_ISSUERSERIAL = 16,
+ KEYINFO_X509_DIGEST = 32
+ };
+
+ /**
* Gets an immutable collection of certificates in the entity's trust chain. The entity certificate is contained
* within this list. No specific ordering of the certificates is guaranteed.
*
virtual const std::vector<XSECCryptoX509*>& getEntityCertificateChain() const=0;
/**
+ * @deprecated
+ *
* Gets a CRL associated with the credential.
*
* @return CRL associated with the credential
virtual XSECCryptoX509CRL* getCRL() const=0;
/**
- * Extracts Subject CN and DNS/URI subjectAltNames from a certificate.
+ * Gets an immutable collection of all CRLs associated with the credential.
+ *
+ * @return CRLs associated with the credential
+ */
+ virtual const std::vector<XSECCryptoX509CRL*>& getCRLs() const=0;
+
+
+ /**
+ * Gets the subject name of the first certificate in the chain.
+ *
+ * @return the Subject DN
+ */
+ virtual const char* getSubjectName() const=0;
+
+ /**
+ * Gets the issuer name of the first certificate in the chain.
+ *
+ * @return the Issuer DN
+ */
+ virtual const char* getIssuerName() const=0;
+
+ /**
+ * Gets the serial number of the first certificate in the chain.
*
- * @param x509 certificate to extract
- * @param names a set to insert names into
+ * @return the serial number
+ */
+ virtual const char* getSerialNumber() const=0;
+
+ /**
+ * Extracts properties like issuer and subject from the first certificate in the chain.
*/
- static void extractNames(XSECCryptoX509* x509, std::set<std::string>& names);
+ virtual void extract()=0;
};
};