X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=xmltooling%2Fsecurity%2FBasicX509Credential.h;h=1bfe2ec45a1b267b9d170ce24da2f39c511aa5cf;hb=a0d768778a8f5f539b909baf5b115e70ea765f0f;hp=6225f69eb136834efc0b006155aef7e7f41078ba;hpb=6505807a62569ce65803b448b07a6872c6af2512;p=shibboleth%2Fcpp-xmltooling.git
diff --git a/xmltooling/security/BasicX509Credential.h b/xmltooling/security/BasicX509Credential.h
index 6225f69..1bfe2ec 100644
--- a/xmltooling/security/BasicX509Credential.h
+++ b/xmltooling/security/BasicX509Credential.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2010 Internet2
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -25,7 +25,9 @@
 #include
-#include
+#include
+#include
+#include
 namespace xmlsignature {
 class XMLTOOL_API KeyInfo;
@@ -39,8 +41,12 @@ namespace xmltooling {
 class XMLTOOL_API BasicX509Credential : public virtual X509Credential {
 protected:
- BasicX509Credential(bool ownCerts) : m_key(NULL), m_ownCerts(ownCerts), m_crl(NULL), m_keyInfo(NULL), m_compactKeyInfo(NULL) {
- }
+ /**
+ * Constructor.
+ *
+ * @param ownCerts true iff any certificates subsequently stored should be freed by destructor
+ */
+ BasicX509Credential(bool ownCerts);
 /**
 * Constructor.
@@ -49,21 +55,40 @@ namespace xmltooling {
 * @param certs array of X.509 certificates, the first entry being the entity certificate
 * @param crl optional CRL
 */
- BasicX509Credential(XSECCryptoKey* key, const std::vector& certs, XSECCryptoX509CRL* crl=NULL)
- : m_key(key), m_xseccerts(certs), m_ownCerts(true), m_crl(crl), m_keyInfo(NULL), m_compactKeyInfo(NULL) {
- }
+ BasicX509Credential(XSECCryptoKey* key, const std::vector& certs, XSECCryptoX509CRL* crl=nullptr);
+
+ /**
+ * Constructor.
+ *
+ * @param key key pair or secret key
+ * @param certs array of X.509 certificates, the first entry being the entity certificate
+ * @param crls array of X.509 CRLs
+ */
+ BasicX509Credential(XSECCryptoKey* key, const std::vector& certs, const std::vector& crls);
 /** The private/secret key/keypair. */
 XSECCryptoKey* m_key;
+ /** Key names (derived from credential, KeyInfo, or both). */
+ std::set m_keyNames;
+
+ /** Subject DN. */
+ std::string m_subjectName;
+
+ /** Issuer DN. */
+ std::string m_issuerName;
+
+ /** Serial number. */
+ std::string m_serial;
+
 /** The X.509 certificate chain. */
 std::vector m_xseccerts;
 /** Indicates whether to destroy certificates. */
 bool m_ownCerts;
- /** The X.509 CRL. */
- XSECCryptoX509CRL* m_crl;
+ /** The X.509 CRLs. */
+ std::vector m_crls;
 /** The KeyInfo object representing the information. */
 xmlsignature::KeyInfo* m_keyInfo;
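Review bot: Neither key/cert constructor comment in this hunk says who frees the `key`, `certs` and `crls` pointers, and `m_ownCerts` is documented as covering certificates only, so the new `m_crls` collection (presumably of `XSECCryptoX509CRL*`; the template arguments are stripped on this page) has no stated owner. With both constructors now defined out of line, a reader of the header can no longer see that the old one set `m_ownCerts(true)`, and a caller who guesses wrong ends up with a double free or a leaked private key. I would add to each constructor comment a line such as `* The credential takes ownership of the key, certificates and CRLs and frees them in its destructor.`, worded to match the implementation, since the destructor body is not part of this diff. The class body starts before this hunk and continues past it.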
@@ -73,49 +98,29 @@ namespace xmltooling {
 /**
 * Initializes (or reinitializes) a ds:KeyInfo to represent the Credential.
+ *
+ * @param types the kinds of KeyInfo content to include
 */
- void initKeyInfo();
-
+ void initKeyInfo(unsigned int types=0);
+
 public:
 virtual ~BasicX509Credential();
- XSECCryptoKey* getPrivateKey() const {
- if (m_key) {
- XSECCryptoKey::KeyType type = m_key->getKeyType();
- if (type!=XSECCryptoKey::KEY_RSA_PUBLIC && type!=XSECCryptoKey::KEY_DSA_PUBLIC)
- return m_key;
- }
- return NULL;
- }
-
- XSECCryptoKey* getPublicKey() const {
- if (m_key) {
- XSECCryptoKey::KeyType type = m_key->getKeyType();
- if (type!=XSECCryptoKey::KEY_RSA_PRIVATE && type!=XSECCryptoKey::KEY_DSA_PRIVATE)
- return m_key;
- }
- return NULL;
- }
-
- std::vector::size_type getKeyNames(std::vector& results) const;
-
- const xmlsignature::KeyInfo* getKeyInfo(bool compact=false) const {
- return compact ? m_compactKeyInfo : (m_keyInfo ? m_keyInfo : m_compactKeyInfo);
- }
-
- /**
- * Gets an immutable collection of certificates in the entity's trust chain. The entity certificate is contained
- * within this list. No specific ordering of the certificates is guaranteed.
- *
- * @return a certificate chain
- */
- const std::vector& getEntityCertificateChain() const {
- return m_xseccerts;
- }
-
- XSECCryptoX509CRL* getCRL() const {
- return m_crl;
- }
+ // Virtual function overrides.
+ unsigned int getUsage() const;
+ const char* getAlgorithm() const;
+ unsigned int getKeySize() const;
+ XSECCryptoKey* getPrivateKey() const;
+ XSECCryptoKey* getPublicKey() const;
+ const std::set& getKeyNames() const;
+ xmlsignature::KeyInfo* getKeyInfo(bool compact=false) const;
+ const std::vector& getEntityCertificateChain() const;
+ XSECCryptoX509CRL* getCRL() const;
+ const std::vector& getCRLs() const;
+ const char* getSubjectName() const;
+ const char* getIssuerName() const;
+ const char* getSerialNumber() const;
+ void extract();
 };
 };
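Review bot: `getCRL()` is kept next to the new `getCRLs()` with nothing to say which one a revocation check should call, and now that `m_crl` has become the `m_crls` collection the single-CRL accessor can at best hand back one entry. A caller that still validates against `getCRL()` alone could miss revocations listed in the other CRLs; its body is now out of line and not visible here, so confirm what it returns. I would add above the declaration `// Legacy accessor: yields a single CRL only; revocation checking must use getCRLs().` The same block changes `getKeyInfo()` to return a non-const `xmlsignature::KeyInfo*`; if that pointer is now a copy the caller must free, say so at the declaration, because the removed inline version returned the credential's own object. The class body starts before this hunk.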