X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=xmltooling%2Fsecurity%2FTrustEngine.h;h=cf4c257e04c41121cedd30b9acc5372bf6115075;hb=6505807a62569ce65803b448b07a6872c6af2512;hp=33049a0eb5ded093c798fe6e7f9c955788ad140f;hpb=e7a65d784215bc04355f014141219b3e7ab4559a;p=shibboleth%2Fcpp-xmltooling.git diff --git a/xmltooling/security/TrustEngine.h b/xmltooling/security/TrustEngine.h index 33049a0..cf4c257 100644 --- a/xmltooling/security/TrustEngine.h +++ b/xmltooling/security/TrustEngine.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2006 Internet2 + * Copyright 2001-2007 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,20 +17,28 @@ /** * @file xmltooling/security/TrustEngine.h * - * Evaluates the trustworthiness and validity of XML Signatures against + * Evaluates the trustworthiness and validity of signatures against * implementation-specific requirements. */ #if !defined(__xmltooling_trust_h__) && !defined(XMLTOOLING_NO_XMLSEC) #define __xmltooling_trust_h__ -#include -#include +#include + +namespace xmlsignature { + class XMLTOOL_API KeyInfo; + class XMLTOOL_API Signature; +}; namespace xmltooling { + class XMLTOOL_API CredentialCriteria; + class XMLTOOL_API CredentialResolver; + class XMLTOOL_API KeyInfoResolver; + /** - * Evaluates the trustworthiness and validity of XML Signatures against + * Evaluates the trustworthiness and validity of XML or raw Signatures against * implementation-specific requirements. */ class XMLTOOL_API TrustEngine { @@ -42,7 +50,7 @@ namespace xmltooling { * If a DOM is supplied, the following XML content is supported: * *
    - *
  • <KeyResolver> elements with a type attribute + *
  • <KeyInfoResolver> elements with a type attribute *
* * XML namespaces are ignored in the processing of this content. @@ -51,58 +59,79 @@ namespace xmltooling { */ TrustEngine(const DOMElement* e=NULL); - /** Default KeyResolver instance. */ - xmlsignature::KeyResolver* m_keyResolver; + /** Custom KeyInfoResolver instance. */ + KeyInfoResolver* m_keyInfoResolver; public: virtual ~TrustEngine(); - + /** - * Callback interface to supply KeyInfo objects to a TrustEngine. - * Applications can adapt TrustEngines to their environment by supplying - * implementations of this interface, or create specialized TrustEngine APIs - * by combining a KeyInfoIterator with a delegated TrustEngine. + * Supplies a KeyInfoResolver instance. + *

This method must be externally synchronized with any code that uses the object. + * Any previously set object is destroyed. + * + * @param keyInfoResolver new KeyInfoResolver instance to use */ - class XMLTOOL_API KeyInfoIterator { - MAKE_NONCOPYABLE(KeyInfoIterator); - protected: - KeyInfoIterator() {} - public: - virtual ~KeyInfoIterator() {} - - /** - * Indicates whether additional KeyInfo objects are available. - * - * @return true iff another KeyInfo object can be fetched - */ - virtual bool hasNext() const=0; - - /** - * Returns the next KeyInfo object available. - * - * @return the next KeyInfo object, or NULL if none are left - */ - virtual const xmlsignature::KeyInfo* next()=0; - }; - + void setKeyInfoResolver(KeyInfoResolver* keyInfoResolver); + /** - * Determines whether a signature is correct and valid with respect to the - * KeyInfo data supplied. It is the responsibility of the application to - * ensure that the KeyInfo information supplied is in fact associated with - * the peer who created the signature. + * Determines whether an XML signature is correct and valid with respect to + * the source of credentials supplied. + * + *

It is the responsibility of the application to ensure that the credentials + * supplied are in fact associated with the peer who created the signature. * - * A custom KeyResolver can be supplied from outside the TrustEngine. - * Alternatively, one may be specified to the plugin constructor. - * A non-caching, inline resolver will be used as a fallback. + *

If criteria with a peer name are supplied, the "name" of the Credential that verifies + * the signature may also be checked to ensure that it identifies the intended peer. + * The peer name itself or implementation-specific rules based on the content of the + * peer credentials may be applied. Implementations may omit this check if they + * deem it unnecessary. * * @param sig reference to a signature object to validate - * @param keyInfoSource supplies KeyInfo objects to the TrustEngine - * @param keyResolver optional externally supplied KeyResolver, or NULL + * @param credResolver a locked resolver to supply trusted peer credentials to the TrustEngine + * @param criteria criteria for selecting peer credentials + * @return true iff the signature validates */ virtual bool validate( xmlsignature::Signature& sig, - KeyInfoIterator& keyInfoSource, - const xmlsignature::KeyResolver* keyResolver=NULL + const CredentialResolver& credResolver, + CredentialCriteria* criteria=NULL + ) const=0; + + /** + * Determines whether a raw signature is correct and valid with respect to + * the source of credentials supplied. + * + *

It is the responsibility of the application to ensure that the Credentials + * supplied are in fact associated with the peer who created the signature. + * + *

If criteria with a peer name are supplied, the "name" of the Credential that verifies + * the signature may also be checked to ensure that it identifies the intended peer. + * The peer name itself or implementation-specific rules based on the content of the + * peer credentials may be applied. Implementations may omit this check if they + * deem it unnecessary. + * + *

Note that the keyInfo parameter is not part of the implicitly trusted + * set of information supplied via the CredentialResolver, but rather advisory + * data that may have accompanied the signature itself. + * + * @param sigAlgorithm XML Signature identifier for the algorithm used + * @param sig null-terminated base64-encoded signature value + * @param keyInfo KeyInfo object accompanying the signature, if any + * @param in the input data over which the signature was created + * @param in_len size of input data in bytes + * @param credResolver a locked resolver to supply trusted peer credentials to the TrustEngine + * @param criteria criteria for selecting peer credentials + * @return true iff the signature validates + */ + virtual bool validate( + const XMLCh* sigAlgorithm, + const char* sig, + xmlsignature::KeyInfo* keyInfo, + const char* in, + unsigned int in_len, + const CredentialResolver& credResolver, + CredentialCriteria* criteria=NULL ) const=0; }; @@ -112,7 +141,11 @@ namespace xmltooling { void XMLTOOL_API registerTrustEngines(); /** TrustEngine based on explicit knowledge of peer key information. */ - #define EXPLICIT_KEY_TRUSTENGINE "org.opensaml.xmlooling.security.ExplicitKeyTrustEngine" + #define EXPLICIT_KEY_TRUSTENGINE "ExplicitKey" + + /** TrustEngine that tries multiple engines in sequence. */ + #define CHAINING_TRUSTENGINE "Chaining" + }; #endif /* __xmltooling_trust_h__ */