2 * Copyright 2001-2010 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file xmltooling/security/BasicX509Credential.h
20 * Wraps an X.509-based Credential by storing key/cert objects inside.
23 #if !defined(__xmltooling_basicx509cred_h__) && !defined(XMLTOOLING_NO_XMLSEC)
24 #define __xmltooling_basicx509cred_h__
26 #include <xmltooling/security/X509Credential.h>
32 namespace xmlsignature {
33 class XMLTOOL_API KeyInfo;
36 namespace xmltooling {
39 * Wraps an X.509-based Credential by storing key/cert objects inside.
41 class XMLTOOL_API BasicX509Credential : public virtual X509Credential
47 * @param ownCerts true iff any certificates subsequently stored should be freed by destructor
49 BasicX509Credential(bool ownCerts);
54 * @param key key pair or secret key
55 * @param certs array of X.509 certificates, the first entry being the entity certificate
56 * @param crl optional CRL
58 BasicX509Credential(XSECCryptoKey* key, const std::vector<XSECCryptoX509*>& certs, XSECCryptoX509CRL* crl=nullptr);
63 * @param key key pair or secret key
64 * @param certs array of X.509 certificates, the first entry being the entity certificate
65 * @param crls array of X.509 CRLs
67 BasicX509Credential(XSECCryptoKey* key, const std::vector<XSECCryptoX509*>& certs, const std::vector<XSECCryptoX509CRL*>& crls);
69 /** The private/secret key/keypair. */
72 /** Key names (derived from credential, KeyInfo, or both). */
73 std::set<std::string> m_keyNames;
76 std::string m_subjectName;
79 std::string m_issuerName;
84 /** The X.509 certificate chain. */
85 std::vector<XSECCryptoX509*> m_xseccerts;
87 /** Indicates whether to destroy certificates. */
90 /** The X.509 CRLs. */
91 std::vector<XSECCryptoX509CRL*> m_crls;
93 /** The KeyInfo object representing the information. */
94 xmlsignature::KeyInfo* m_keyInfo;
96 /** The KeyInfo object representing the information in compact form. */
97 xmlsignature::KeyInfo* m_compactKeyInfo;
100 * Initializes (or reinitializes) a ds:KeyInfo to represent the Credential.
102 * @param types the kinds of KeyInfo content to include
104 void initKeyInfo(unsigned int types=0);
107 virtual ~BasicX509Credential();
109 // Virtual function overrides.
110 unsigned int getUsage() const;
111 const char* getAlgorithm() const;
112 unsigned int getKeySize() const;
113 XSECCryptoKey* getPrivateKey() const;
114 XSECCryptoKey* getPublicKey() const;
115 const std::set<std::string>& getKeyNames() const;
116 xmlsignature::KeyInfo* getKeyInfo(bool compact=false) const;
117 const std::vector<XSECCryptoX509*>& getEntityCertificateChain() const;
118 XSECCryptoX509CRL* getCRL() const;
119 const std::vector<XSECCryptoX509CRL*>& getCRLs() const;
120 const char* getSubjectName() const;
121 const char* getIssuerName() const;
122 const char* getSerialNumber() const;
127 #endif /* __xmltooling_basicx509cred_h__ */