2 * Licensed to the University Corporation for Advanced Internet
3 * Development, Inc. (UCAID) under one or more contributor license
4 * agreements. See the NOTICE file distributed with this work for
5 * additional information regarding copyright ownership.
7 * UCAID licenses this file to you under the Apache License,
8 * Version 2.0 (the "License"); you may not use this file except
9 * in compliance with the License. You may obtain a copy of the
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17 * either express or implied. See the License for the specific
18 * language governing permissions and limitations under the License.
22 * @file xmltooling/security/BasicX509Credential.h
24 * Wraps an X.509-based Credential by storing key/cert objects inside.
27 #if !defined(__xmltooling_basicx509cred_h__) && !defined(XMLTOOLING_NO_XMLSEC)
28 #define __xmltooling_basicx509cred_h__
30 #include <xmltooling/security/X509Credential.h>
36 namespace xmlsignature {
37 class XMLTOOL_API KeyInfo;
40 namespace xmltooling {
43 * Wraps an X.509-based Credential by storing key/cert objects inside.
45 class XMLTOOL_API BasicX509Credential : public virtual X509Credential
51 * @param ownCerts true iff any certificates subsequently stored should be freed by destructor
53 BasicX509Credential(bool ownCerts);
58 * @param key key pair or secret key
59 * @param certs array of X.509 certificates, the first entry being the entity certificate
60 * @param crl optional CRL
62 BasicX509Credential(XSECCryptoKey* key, const std::vector<XSECCryptoX509*>& certs, XSECCryptoX509CRL* crl=nullptr);
67 * @param key key pair or secret key
68 * @param certs array of X.509 certificates, the first entry being the entity certificate
69 * @param crls array of X.509 CRLs
71 BasicX509Credential(XSECCryptoKey* key, const std::vector<XSECCryptoX509*>& certs, const std::vector<XSECCryptoX509CRL*>& crls);
73 /** The private/secret key/keypair. */
76 /** Key names (derived from credential, KeyInfo, or both). */
77 std::set<std::string> m_keyNames;
80 std::string m_subjectName;
83 std::string m_issuerName;
88 /** The X.509 certificate chain. */
89 std::vector<XSECCryptoX509*> m_xseccerts;
91 /** Indicates whether to destroy certificates. */
94 /** The X.509 CRLs. */
95 std::vector<XSECCryptoX509CRL*> m_crls;
97 /** The KeyInfo object representing the information. */
98 xmlsignature::KeyInfo* m_keyInfo;
100 /** The KeyInfo object representing the information in compact form. */
101 xmlsignature::KeyInfo* m_compactKeyInfo;
104 * Initializes (or reinitializes) a ds:KeyInfo to represent the Credential.
106 * @param types the kinds of KeyInfo content to include
108 void initKeyInfo(unsigned int types=0);
111 virtual ~BasicX509Credential();
113 // Virtual function overrides.
114 unsigned int getUsage() const;
115 const char* getAlgorithm() const;
116 unsigned int getKeySize() const;
117 XSECCryptoKey* getPrivateKey() const;
118 XSECCryptoKey* getPublicKey() const;
119 const std::set<std::string>& getKeyNames() const;
120 xmlsignature::KeyInfo* getKeyInfo(bool compact=false) const;
121 const std::vector<XSECCryptoX509*>& getEntityCertificateChain() const;
122 XSECCryptoX509CRL* getCRL() const;
123 const std::vector<XSECCryptoX509CRL*>& getCRLs() const;
124 const char* getSubjectName() const;
125 const char* getIssuerName() const;
126 const char* getSerialNumber() const;
131 #endif /* __xmltooling_basicx509cred_h__ */