X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=xmltooling%2Fsecurity%2FBasicX509Credential.h;h=09d9ffeabde42af15ee050f340c868577e291606;hb=bd026f07e729e66127b3efd48aee443fba815af3;hp=37948e5d20a767f78cffb7e6133246cd2174f060;hpb=006818f66e357ec4c0c6e21d671b8624ad8136b1;p=shibboleth%2Fcpp-xmltooling.git
diff --git a/xmltooling/security/BasicX509Credential.h b/xmltooling/security/BasicX509Credential.h
index 37948e5..09d9ffe 100644
--- a/xmltooling/security/BasicX509Credential.h
+++ b/xmltooling/security/BasicX509Credential.h
@@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
@@ -24,9 +24,14 @@ #define __xmltooling_basicx509cred_h__ #include -#include -#include +#include +#include +#include + +namespace xmlsignature { + class XMLTOOL_API KeyInfo; +}; namespace xmltooling {
@@ -41,8 +46,7 @@ namespace xmltooling { * * @param ownCerts true iff any certificates subsequently stored should be freed by destructor */ - BasicX509Credential(bool ownCerts) : m_key(NULL), m_serial(-1), m_ownCerts(ownCerts), m_crl(NULL), m_keyInfo(NULL), m_compactKeyInfo(NULL) { - } + BasicX509Credential(bool ownCerts); /** * Constructor. 
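Review bot: The single-argument constructor declared in the `@@ -41,8 +46,7 @@` hunk is not marked `explicit`, so a plain `bool` can convert implicitly to this type wherever the constructor is accessible. Since the declaration line is being rewritten anyway, I would make it `explicit BasicX509Credential(bool ownCerts);`. The class declaration and its access specifiers start outside the hunk, so how far that conversion is reachable cannot be judged from here.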
@@ -51,9 +55,16 @@ namespace xmltooling { * @param certs array of X.509 certificates, the first entry being the entity certificate * @param crl optional CRL */ - BasicX509Credential(XSECCryptoKey* key, const std::vector& certs, XSECCryptoX509CRL* crl=NULL) - : m_key(key), m_serial(-1), m_xseccerts(certs), m_ownCerts(true), m_crl(crl), m_keyInfo(NULL), m_compactKeyInfo(NULL) { - } + BasicX509Credential(XSECCryptoKey* key, const std::vector& certs, XSECCryptoX509CRL* crl=NULL); + + /** + * Constructor. + * + * @param key key pair or secret key + * @param certs array of X.509 certificates, the first entry being the entity certificate + * @param crls array of X.509 CRLs + */ + BasicX509Credential(XSECCryptoKey* key, const std::vector& certs, const std::vector& crls); /** The private/secret key/keypair. */ XSECCryptoKey* m_key;
@@ -68,7 +79,7 @@ namespace xmltooling { std::string m_issuerName; /** Serial number. */ - int m_serial; + std::string m_serial; /** The X.509 certificate chain. */ std::vector m_xseccerts;
@@ -76,8 +87,8 @@ namespace xmltooling { /** Indicates whether to destroy certificates. */ bool m_ownCerts; - /** The X.509 CRL. */ - XSECCryptoX509CRL* m_crl; + /** The X.509 CRLs. */ + std::vector m_crls; /** The KeyInfo object representing the information. */ xmlsignature::KeyInfo* m_keyInfo; 
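Review bot: The doc block on the new `crls` constructor in the `@@ -51,9 +55,16 @@` hunk does not say who owns the `key`, `certs` and `crls` pointers after the call. With the initializer list moved out of the header, the `m_ownCerts(true)` behaviour of the sibling constructor is no longer visible to callers either. For containers of raw pointers, that gap is where double frees and leaks tend to start. I would add a line such as `* The credential takes ownership of the key, certificates and CRLs and frees them in its destructor.`, adjusted to what the implementation really does, which is not shown here. The same gap applies to the `/** The X.509 CRLs. */` member comment in the `@@ -76,8 +87,8 @@` hunk, where `m_ownCerts` is still documented for certificates only.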
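Review bot: The comment on `m_serial` in the `@@ -68,7 +79,7 @@` hunk is still only `/** Serial number. */` after the type changes to `std::string`. That leaves the string's encoding (decimal or hex, case, leading zeros) and the value meaning "not set" undefined for code that matches a certificate by issuer and serial. I would spell it out, for example `/** Serial number as a decimal string; empty if none has been extracted. */`, corrected to whatever `extract()` actually produces. Callers of `getSerialNumber()` in the last hunk need the same information, because the old `-1` sentinel has no equivalent in the new type.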
@@ -87,66 +98,28 @@ namespace xmltooling { /** * Initializes (or reinitializes) a ds:KeyInfo to represent the Credential. + * + * @param types the kinds of KeyInfo content to include */ - void initKeyInfo(); + void initKeyInfo(unsigned int types=0); public: virtual ~BasicX509Credential(); - unsigned int getUsage() const { - return UNSPECIFIED_CREDENTIAL; - } + // Virtual function overrides. + unsigned int getUsage() const; const char* getAlgorithm() const; unsigned int getKeySize() const; - - XSECCryptoKey* getPrivateKey() const { - if (m_key) { - XSECCryptoKey::KeyType type = m_key->getKeyType(); - if (type!=XSECCryptoKey::KEY_RSA_PUBLIC && type!=XSECCryptoKey::KEY_DSA_PUBLIC) - return m_key; - } - return NULL; - } - - XSECCryptoKey* getPublicKey() const { - if (m_key) { - XSECCryptoKey::KeyType type = m_key->getKeyType(); - if (type!=XSECCryptoKey::KEY_RSA_PRIVATE && type!=XSECCryptoKey::KEY_DSA_PRIVATE) - return m_key; - } - return NULL; - } - - const std::set& getKeyNames() const { - return m_keyNames; - } - - xmlsignature::KeyInfo* getKeyInfo(bool compact=false) const { - if (compact || !m_keyInfo) - return m_compactKeyInfo ? 
m_compactKeyInfo->cloneKeyInfo() : NULL; - return m_keyInfo->cloneKeyInfo(); - } - - const std::vector& getEntityCertificateChain() const { - return m_xseccerts; - } - - XSECCryptoX509CRL* getCRL() const { - return m_crl; - } - - const char* getSubjectName() const { - return m_subjectName.c_str(); - } - - const char* getIssuerName() const { - return m_issuerName.c_str(); - } - - int getSerialNumber() const { - return m_serial; - } - + XSECCryptoKey* getPrivateKey() const; + XSECCryptoKey* getPublicKey() const; + const std::set& getKeyNames() const; + xmlsignature::KeyInfo* getKeyInfo(bool compact=false) const; + const std::vector& getEntityCertificateChain() const; + XSECCryptoX509CRL* getCRL() const; + const std::vector& getCRLs() const; + const char* getSubjectName() const; + const char* getIssuerName() const; + const char* getSerialNumber() const; void extract(); }; };
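Review bot: `getCRL()` is kept next to the new `getCRLs()` in the `@@ -87,66 +98,28 @@` hunk with no comment on which entry of `m_crls` it returns. A caller that still uses it for revocation checking may therefore consult a single CRL and miss revocations listed in the others. I would document and discourage it on the declaration, for example `/** @deprecated Returns only the first CRL, or NULL if there are none; use getCRLs(). */`, assuming that is what the out-of-line definition does. The new `@param types` text on `initKeyInfo` would also be more useful if it named the flag constants and said what the default `0` selects. The class declaration starts outside this hunk, and the definitions of these accessors are not part of the diff shown.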