2 * Copyright 2001-2006 Internet2
\r
4 * Licensed under the Apache License, Version 2.0 (the "License");
\r
5 * you may not use this file except in compliance with the License.
\r
6 * You may obtain a copy of the License at
\r
8 * http://www.apache.org/licenses/LICENSE-2.0
\r
10 * Unless required by applicable law or agreed to in writing, software
\r
11 * distributed under the License is distributed on an "AS IS" BASIS,
\r
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
13 * See the License for the specific language governing permissions and
\r
14 * limitations under the License.
\r
18 * @file SigningContext.h
\r
20 * SAML-specific signature construction
\r
23 #ifndef __saml_signctx_h__
\r
24 #define __saml_signctx_h__
\r
26 #include <saml/base.h>
\r
27 #include <xmltooling/signature/SigningContext.h>
\r
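namespace opensaml {

    /**
     * SAML-specific signature profile context.
     * This is not a synchronized implementation.
     *
     * Lifetime and ownership, as far as this header shows:
     *  - the identifier pointer and the CredentialResolver reference are stored
     *    as given (not copied), so both must outlive the context;
     *  - a KeyInfo passed to the constructor belongs to the context until
     *    getKeyInfo() hands it to the caller.
     *
     * NOTE(review): the class holds an owning raw pointer and no copy
     * constructor is visible here; a copied context would share m_keyInfo
     * with the original. Confirm no caller copies a context, or make the
     * class non-copyable.
     */
    class SAML_API SigningContext : public virtual xmlsignature::SigningContext
    {
    public:
        /**
         * Builds a context for signing one object.
         *
         * @param id        identifier of object being signed; only the pointer is kept
         * @param creds     resolver to signing key/certs to use; held by reference
         * @param keyInfo   a complete KeyInfo object to attach, will be freed by context
         */
        SigningContext(const XMLCh* id, xmltooling::CredentialResolver& creds, xmlsignature::KeyInfo* keyInfo=NULL)
            : m_id(id), m_creds(creds), m_keyInfo(keyInfo) {
        }

        /**
         * Frees the KeyInfo if it is still owned by the context.
         * NOTE(review): body follows the documented "will be freed by context"
         * contract — confirm against the implementation.
         */
        virtual ~SigningContext() {
            delete m_keyInfo;
        }

        /**
         * Given a "blank" native signature, creates signature content
         * appropriate for the SAML assertion or message being signed.
         *
         * @param sig   native signature interface
         * @return      indicator whether ds:KeyInfo was created by context
         */
        virtual bool createSignature(DSIGSignature* sig);

        /**
         * Gets a reference to the credential resolver supplied during construction.
         *
         * @return  the resolver
         */
        virtual xmltooling::CredentialResolver& getCredentialResolver() {
            return m_creds;
        }

        /**
         * Gets a KeyInfo structure to embed.
         * Ownership of the object MUST be transferred to the caller.
         * This method will only be called if no certificates are returned from
         * the getX509Certificates() method.
         *
         * The stored pointer is cleared before returning, so the object cannot be
         * handed out twice or freed again by the destructor; a later call
         * returns NULL.
         *
         * @return  pointer to a KeyInfo structure, will be freed by caller
         */
        virtual xmlsignature::KeyInfo* getKeyInfo() {
            xmlsignature::KeyInfo* ret=m_keyInfo;
            m_keyInfo=NULL;
            return ret;
        }

        /**
         * Records a namespace prefix in the inclusive prefix list.
         * NOTE(review): presumably consumed by createSignature() when it sets up
         * canonicalization of the signed content — confirm in the implementation.
         *
         * @param prefix    NUL-terminated prefix; a null pointer is ignored
         */
        void addInclusivePrefix(const char* prefix) {
            // Constructing std::string from a null pointer is undefined
            // behaviour, so a null prefix is dropped instead of stored.
            if (prefix)
                m_prefixes.push_back(prefix);
        }

    // NOTE(review): access level of the data members assumed protected — confirm.
    protected:
        /** Identifier of object to sign. Not owned; must outlive the context. */
        const XMLCh* m_id;

        /** Reference to credentials to sign with. Not owned. */
        xmltooling::CredentialResolver& m_creds;

        /** Optional pointer to KeyInfo to embed. Owned until getKeyInfo() releases it. */
        mutable xmlsignature::KeyInfo* m_keyInfo;

        /** Inclusive prefixes. */
        std::vector<std::string> m_prefixes;
    };

}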
\r
105 #endif /* __saml_signctx_h__ */
\r