X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=xmltooling%2Fencryption%2FEncrypter.h;h=c562a225a3089506d1b42f27c79f6bc3a8079548;hb=5cb314df178f78c6fa7b9826c2c5a5298ec7a473;hp=bb00268be7cac2bd9248c36f6c289e5cde462624;hpb=e39828c168f8f0135373daf46989d6b28257b39f;p=shibboleth%2Fcpp-xmltooling.git
diff --git a/xmltooling/encryption/Encrypter.h b/xmltooling/encryption/Encrypter.h
index bb00268..c562a22 100644
--- a/xmltooling/encryption/Encrypter.h
+++ b/xmltooling/encryption/Encrypter.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2006 Internet2
+ * Copyright 2001-2007 Internet2
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -15,7 +15,7 @@
  */
 
 /**
- * @file Encrypter.h
+ * @file xmltooling/encryption/Encrypter.h
  *
  * Methods for encrypting XMLObjects and other data.
  */
@@ -99,16 +99,21 @@ namespace xmlencryption { /** * Constructor. - * The algorithm constant MUST be accessible for the life of the structure. - * Using a static constant suffices for this. The other objects will be destroyed if need be + * The algorithm and recipient constants MUST be accessible for the life of the + * structure. Using a static constant suffices for this. The other objects will be destroyed if * when the structure is destroyed. * * @param algorithm the XML Encryption key wrapping or transport algorithm constant * @param key the key encryption key to use + * @param recipient optional name of recipient of encrypted key * @param keyInfo a KeyInfo object to place within the EncryptedKey structure that describes the KEK */ - KeyEncryptionParams(const XMLCh* algorithm, XSECCryptoKey* key, xmlsignature::KeyInfo* keyInfo=NULL) - : m_key(key), m_keyInfo(keyInfo), m_algorithm(algorithm) { + KeyEncryptionParams( + const XMLCh* algorithm, + XSECCryptoKey* key, + const XMLCh* recipient=NULL, + xmlsignature::KeyInfo* keyInfo=NULL + ) : m_algorithm(algorithm), m_key(key), m_recipient(recipient), m_keyInfo(keyInfo) { } ~KeyEncryptionParams() { @@ -116,9 +121,10 @@ namespace xmlencryption { delete m_keyInfo; } private: + const XMLCh* m_algorithm; XSECCryptoKey* m_key; + const XMLCh* m_recipient; xmlsignature::KeyInfo* m_keyInfo; - const XMLCh* m_algorithm; friend class Encrypter; }; 
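Review bot: The rewritten constructor comment now reads "The other objects will be destroyed if when the structure is destroyed." — the second added line drops "need be" but the unchanged line after it still begins with "when", so the sentence is broken; change that added line to `* structure. Using a static constant suffices for this. The other objects will be destroyed` and keep the context line as it is. The new `recipient` parameter is inserted ahead of `keyInfo`, so any existing caller that passed a KeyInfo positionally as the third argument stops compiling (a `xmlsignature::KeyInfo*` does not convert to `const XMLCh*`), while a caller passing a literal `NULL` there keeps compiling with the same meaning; if this header is public API that deserves a changelog line. Like `algorithm`, `recipient` is held as a non-owning `const XMLCh*`, and the comment now states the lifetime requirement for both, which matches the next hunk where the destructor deletes only `m_keyInfo` among the visible lines; what it does with `m_key` falls between the two hunks.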
@@ -129,55 +135,65 @@ namespace xmlencryption { /** * Encrypts the supplied element and returns the resulting object. - * The returned object will be unmarshalled around a DOM tree created - * using the encrypted element's owning document. * * If an encryption algorithm is set, but no key, a random key will be - * generated iff keParams is non-NULL and the algorithm is known. + * generated iff kencParams is non-NULL and the algorithm is known. * * If key encryption parameters are supplied, then the encryption key * is wrapped and the result placed into an EncryptedKey object in the * KeyInfo of the returned EncryptedData. * - * @param element the DOM element to encrypt - * @param keParams key encryption settings, or NULL + * @param element the DOM element to encrypt + * @param encParams primary encryption settings + * @param kencParams key encryption settings, or NULL + * @return a stand-alone EncryptedData object, unconnected to the source DOM */ EncryptedData* encryptElement(DOMElement* element, EncryptionParams& encParams, KeyEncryptionParams* kencParams=NULL); /** * Encrypts the supplied element's children and returns the resulting object. - * The returned object will be unmarshalled around a DOM tree created - * using the encrypted content's owning document. * * If an encryption algorithm is set, but no key, a random key will be - * generated iff keParams is non-NULL and the algorithm is known. + * generated iff kencParams is non-NULL and the algorithm is known. * If key encryption parameters are supplied, then the encryption key * is wrapped and the result placed into an EncryptedKey object in the * KeyInfo of the returned EncryptedData. 
* - * @param element parent element of children to encrypt - * @param keParams key encryption settings, or NULL + * @param element parent element of children to encrypt + * @param encParams primary encryption settings + * @param kencParams key encryption settings, or NULL + * @return a stand-alone EncryptedData object, unconnected to the source DOM */ EncryptedData* encryptElementContent(DOMElement* element, EncryptionParams& encParams, KeyEncryptionParams* kencParams=NULL); /** * Encrypts the supplied input stream and returns the resulting object. - * The returned object will be unmarshalled around a DOM tree created - * using the encrypted element's owning document. * * If an encryption algorithm is set, but no key, a random key will be - * generated iff keParams is non-NULL and the algorithm is known. + * generated iff kencParams is non-NULL and the algorithm is known. * If key encryption parameters are supplied, then the encryption key * is wrapped and the result placed into an EncryptedKey object in the * KeyInfo of the returned EncryptedData. * - * @param input the stream to encrypt - * @param keParams key encryption settings, or NULL + * @param input the stream to encrypt + * @param encParams primary encryption settings + * @param kencParams key encryption settings, or NULL + * @return a stand-alone EncryptedData object, unconnected to any DOM */ EncryptedData* encryptStream(std::istream& input, EncryptionParams& encParams, KeyEncryptionParams* kencParams=NULL); + /** + * Encrypts the supplied key and returns the resulting object. 
+ * + * @param keyBuffer raw key material to encrypt + * @param keyBufferSize size in bytes of raw key material + * @param kencParams key encryption settings + * @return a stand-alone EncryptedKey object, unconnected to any DOM + */ + EncryptedKey* encryptKey(const unsigned char* keyBuffer, unsigned int keyBufferSize, KeyEncryptionParams& kencParams); + private: void checkParams(EncryptionParams& encParams, KeyEncryptionParams* kencParams); EncryptedData* decorateAndUnmarshall(EncryptionParams& encParams, KeyEncryptionParams* kencParams); @@ -186,7 +202,7 @@ namespace xmlencryption { unsigned char m_keyBuffer[32]; }; - DECL_XMLTOOLING_EXCEPTION(EncryptionException,XMLTOOL_EXCEPTIONAPI(XMLTOOL_API),xmlencryption,xmltooling::XMLToolingException,Exceptions in encryption processing); + DECL_XMLTOOLING_EXCEPTION(EncryptionException,XMLTOOL_EXCEPTIONAPI(XMLTOOL_API),xmlencryption,xmltooling::XMLSecurityException,Exceptions in encryption processing); };
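Review bot: None of the four new `@return` lines says who owns the returned `EncryptedData*` / `EncryptedKey*`; the objects are described as stand-alone and unconnected to any DOM, so the caller presumably has to delete them, and the doc should say so, e.g. `@return a stand-alone EncryptedKey object, unconnected to any DOM; the caller assumes ownership` — confirm against Encrypter.cpp before wording it that strongly. The same edit replaces the removed statement that the result was unmarshalled around the source element's owning document; if that is a behaviour change in the implementation it belongs in the commit message, otherwise the removed sentence was the accurate one. For `encryptKey`, a short `@throws` note naming EncryptionException (declared at the end of this file) for a failed key wrap would complete the contract, if that is indeed what the implementation raises. The enclosing class Encrypter starts before this hunk.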
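Review bot: Rebasing `EncryptionException` from `xmltooling::XMLToolingException` onto `xmltooling::XMLSecurityException` changes the public exception hierarchy; handlers written as `catch (xmltooling::XMLToolingException&)` keep catching encryption failures only if XMLSecurityException itself derives from XMLToolingException, which this header does not show. Worth confirming that, and that whichever header declares XMLSecurityException is already among this file's includes, which are outside the hunk.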