2 * Copyright 2001-2007 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file xmltooling/security/Credential.h
20 * Wraps keys and related functionality.
23 #if !defined(__xmltooling_cred_h__) && !defined(XMLTOOLING_NO_XMLSEC)
24 #define __xmltooling_cred_h__
26 #include <xmltooling/base.h>
27 #include <xsec/enc/XSECCryptoKey.hpp>
32 namespace xmlsignature {
33 class XMLTOOL_API KeyInfo;
36 namespace xmltooling {
38 class XMLTOOL_API CredentialCriteria;
39 class XMLTOOL_API CredentialContext;
42 * Wraps keys and related functionality.
44 * <p>Shared credential implementations should implement reference counting
45 * and honor any locking parameters to ensure appropriate synchronization.
47 class XMLTOOL_API Credential
49 MAKE_NONCOPYABLE(Credential);
54 virtual ~Credential() {}
57 * Bitmask constants for limiting resolution process inside a CredentialResolver.
65 * Bitmask of use cases for credentials.
68 UNSPECIFIED_CREDENTIAL = 0,
69 SIGNING_CREDENTIAL = 1,
71 ENCRYPTION_CREDENTIAL = 4
75 * Bitmask of supported KeyInfo content to generate.
78 KEYINFO_KEY_VALUE = 1,
83 * Get credential usage types.
85 * @return the usage bitmask
87 virtual unsigned int getUsage() const=0;
90 * Returns an algorithm identifier for the Credential.
92 * @return the Credential algorithm, or NULL if indeterminate
94 virtual const char* getAlgorithm() const=0;
97 * Returns the size of the key.
99 * @return the key size, or 0 if indeterminate
101 virtual unsigned int getKeySize() const=0;
104 * Returns a secret or private key to use for signing or decryption operations.
106 * @return a secret or private key
108 virtual XSECCryptoKey* getPrivateKey() const=0;
111 * Returns a secret or public key to use for verification or encryption operations.
113 * @return a secret or public key
115 virtual XSECCryptoKey* getPublicKey() const=0;
118 * Returns names representing the Credential.
120 * <p>Names should be unique in the context of the comparisons against CredentialCriteria
121 * that deployments expect to see.
123 * @return a sorted set of names
125 virtual const std::set<std::string>& getKeyNames() const=0;
128 * Returns a ds:KeyInfo object representing the Credential for use in
129 * communicating with other entities.
131 * @param compact true iff the communication medium is such that only compact forms should be included
132 * @return a KeyInfo object, which must be freed by the caller
134 virtual xmlsignature::KeyInfo* getKeyInfo(bool compact=false) const=0;
137 * Get the credential context information, which provides additional information
138 * specific to the context in which the credential was resolved.
140 * @return resolution context of the credential
142 virtual const CredentialContext* getCredentalContext() const {
148 #endif /* __xmltooling_cred_h__ */