2 * Licensed to the University Corporation for Advanced Internet
3 * Development, Inc. (UCAID) under one or more contributor license
4 * agreements. See the NOTICE file distributed with this work for
5 * additional information regarding copyright ownership.
7 * UCAID licenses this file to you under the Apache License,
8 * Version 2.0 (the "License"); you may not use this file except
9 * in compliance with the License. You may obtain a copy of the
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17 * either express or implied. See the License for the specific
18 * language governing permissions and limitations under the License.
22 * @file xmltooling/security/Credential.h
24 * Wraps keys and related functionality.
27 #if !defined(__xmltooling_cred_h__) && !defined(XMLTOOLING_NO_XMLSEC)
28 #define __xmltooling_cred_h__
30 #include <xmltooling/base.h>
// Forward declaration only: this header names xmlsignature::KeyInfo solely as the pointer
// type returned by Credential::getKeyInfo(), so the full KeyInfo definition is not needed here.
37 namespace xmlsignature {
38 class XMLTOOL_API KeyInfo;
41 namespace xmltooling {
// Forward declarations. In this header CredentialContext appears only as the pointer type
// returned by Credential::getCredentalContext(); CredentialCriteria is mentioned only in the
// documentation of getKeyNames().
43 class XMLTOOL_API CredentialCriteria;
44 class XMLTOOL_API CredentialContext;
47 * Wraps keys and related functionality.
49 * <p>Shared credential implementations should implement reference counting
50 * and honor any locking parameters to ensure appropriate synchronization.
// Abstract interface for key material: every accessor declared here except
// getCredentalContext() is pure virtual (=0), so concrete credential types supply them.
// NOTE(review): the gutter numbers in this listing skip values, so lines appear to be
// missing (likely comment delimiters, braces, access specifiers and some enum lines);
// check the original header before relying on the enum contents shown here.
52 class XMLTOOL_API Credential
// MAKE_NONCOPYABLE is a project macro whose definition is not shown in this listing; by its
// name it presumably disables copying of Credential objects -- confirm against its definition.
54 MAKE_NONCOPYABLE(Credential);
// Virtual destructor, so an implementation can be destroyed through a Credential pointer.
59 virtual ~Credential();
62 * Bitmask constants for limiting resolution process inside a CredentialResolver.
// NOTE(review): the enum that the comment above describes is not visible in this listing.
70 * Bitmask of use cases for credentials.
// The non-zero values are distinct bits, so usages can be combined in one mask. The listing
// jumps from gutter 74 to 76, so a constant between 1 and 4 may be missing here.
// NOTE(review): UNSPECIFIED_CREDENTIAL is 0, i.e. no usage bit set. How consumers treat an
// unspecified usage (matches every use vs. matches none) is not shown -- confirm, because it
// decides whether a key intended for one purpose can be selected for another.
73 UNSPECIFIED_CREDENTIAL = 0,
74 SIGNING_CREDENTIAL = 1,
76 ENCRYPTION_CREDENTIAL = 4
80 * Bitmask of supported KeyInfo content to generate.
// Only one constant is visible; the gutter skips 84-87, so further values may be missing.
83 KEYINFO_KEY_VALUE = 1,
88 * Get credential usage types.
90 * @return the usage bitmask
// Presumably a combination of the usage constants above -- confirm against an implementation.
92 virtual unsigned int getUsage() const=0;
95 * Returns an algorithm identifier for the Credential.
97 * @return the Credential algorithm, or nullptr if indeterminate
// May return nullptr (see @return): check before constructing a std::string from it or
// comparing it. The format of the identifier is not specified in this header.
99 virtual const char* getAlgorithm() const=0;
102 * Returns the size of the key in bits.
104 * @return the key size, or 0 if indeterminate
// 0 means "unknown", not "zero-length": a minimum-key-size policy has to decide explicitly
// how to treat 0 instead of letting it pass or fail a numeric comparison by accident.
106 virtual unsigned int getKeySize() const=0;
109 * Returns a secret or private key to use for signing or decryption operations.
111 * @return a secret or private key
// The result is secret material in every case the comment lists.
// NOTE(review): returns a raw XSECCryptoKey*. Unlike getKeyInfo() below, the comment does
// not say who owns the object, how long it stays valid, or whether nullptr is returned when
// no private key is available -- confirm before storing or freeing the pointer.
113 virtual XSECCryptoKey* getPrivateKey() const=0;
116 * Returns a secret or public key to use for verification or encryption operations.
118 * @return a secret or public key
// Per the comment this can be a secret key, so the returned key is not necessarily safe to
// publish; check what kind of key it is before exporting or logging it.
// NOTE(review): ownership, lifetime and nullability of the pointer are not documented here.
120 virtual XSECCryptoKey* getPublicKey() const=0;
123 * Returns names representing the Credential.
125 * <p>Names should be unique in the context of the comparisons against CredentialCriteria
126 * that deployments expect to see.
128 * @return a sorted set of names
// Returns a const reference, so the set is not copied on return.
// NOTE(review): presumably it refers to storage held by the credential and must not be used
// after the credential is released -- confirm.
130 virtual const std::set<std::string>& getKeyNames() const=0;
133 * Returns a ds:KeyInfo object representing the Credential for use in
134 * communicating with other entities.
136 * @param compact true iff the communication medium is such that only compact forms should be included
137 * @return a KeyInfo object, which must be freed by the caller
// Returns a raw pointer the caller must free (see @return); taking it straight into an
// owning smart pointer avoids leaking it on early returns or exceptions.
// `compact` is a default argument on a virtual function: the default is chosen from the
// static type at the call site, so overrides should repeat the same default value.
139 virtual xmlsignature::KeyInfo* getKeyInfo(bool compact=false) const=0;
142 * Get the credential context information, which provides additional information
143 * specific to the context in which the credential was resolved.
145 * @return resolution context of the credential
// The only accessor here without "=0", so a base-class definition is expected elsewhere
// (not shown). The name is spelled "Credental" in the declaration; overrides and callers
// must use that exact spelling, otherwise they declare or call a different function.
// NOTE(review): whether nullptr can be returned is not documented -- check before use.
147 virtual const CredentialContext* getCredentalContext() const;
151 #endif /* __xmltooling_cred_h__ */