2 * Copyright 2001-2009 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file xmltooling/security/CredentialCriteria.h
20 * Class for specifying criteria by which a CredentialResolver should resolve credentials.
23 #if !defined(__xmltooling_credcrit_h__) && !defined(XMLTOOLING_NO_XMLSEC)
24 #define __xmltooling_credcrit_h__
26 #include <xmltooling/base.h>
30 class DSIGKeyInfoList;
33 namespace xmlsignature {
34 class XMLTOOL_API KeyInfo;
35 class XMLTOOL_API Signature;
38 namespace xmltooling {
40 class XMLTOOL_API Credential;
42 #if defined (_MSC_VER)
43 #pragma warning( push )
44 #pragma warning( disable : 4251 )
48 * Class for specifying criteria by which a CredentialResolver should resolve credentials.
50 class XMLTOOL_API CredentialCriteria
52 MAKE_NONCOPYABLE(CredentialCriteria);
54 /** Default constructor. */
57 virtual ~CredentialCriteria();
60 * Determines whether the supplied Credential matches this CredentialCriteria.
62 * @param credential the Credential to evaluate
63 * @return true iff the Credential is consistent with this criteria
65 virtual bool matches(const Credential& credential) const;
68 * Get key usage criteria.
70 * @return the usage mask
72 unsigned int getUsage() const;
75 * Set key usage criteria.
77 * @param usage the usage mask to set
79 void setUsage(unsigned int usage);
82 * Get the peer name criteria.
84 * @return the peer name
86 const char* getPeerName() const;
89 * Set the peer name criteria.
91 * @param peerName peer name to set
93 void setPeerName(const char* peerName);
96 * Get the key algorithm criteria.
98 * @return the key algorithm
100 const char* getKeyAlgorithm() const;
103 * Set the key algorithm criteria.
105 * @param keyAlgorithm the key algorithm to set
107 void setKeyAlgorithm(const char* keyAlgorithm);
110 * Get the key size criteria.
111 * <p>If a a maximum size is also set, this is treated as a minimum.
113 * @return the key size, or 0
115 unsigned int getKeySize() const;
118 * Set the key size criteria.
119 * <p>If a a maximum size is also set, this is treated as a minimum.
121 * @param keySize key size to set
123 void setKeySize(unsigned int keySize);
126 * Get the maximum key size criteria.
128 * @return the maximum key size, or 0
130 unsigned int getMaxKeySize() const;
133 * Set the maximum key size criteria.
135 * @param keySize maximum key size to set
137 void setMaxKeySize(unsigned int keySize);
140 * Set the key algorithm and size criteria based on an XML algorithm specifier.
142 * @param algorithm XML algorithm specifier
144 void setXMLAlgorithm(const XMLCh* algorithm);
147 * Gets key name criteria.
149 * @return an immutable set of key names
151 const std::set<std::string>& getKeyNames() const;
154 * Gets key name criteria.
156 * @return a mutable set of key names
158 std::set<std::string>& getKeyNames();
161 * Returns the public key criteria.
163 * @return a public key
165 virtual XSECCryptoKey* getPublicKey() const;
168 * Sets the public key criteria.
170 * <p>The lifetime of the key <strong>MUST</strong> extend
171 * for the lifetime of this object.
173 * @param key a public key
175 void setPublicKey(XSECCryptoKey* key);
178 * Bitmask constants controlling the kinds of criteria set automatically
179 * based on a KeyInfo object.
181 enum keyinfo_extraction_t {
182 KEYINFO_EXTRACTION_KEY = 1,
183 KEYINFO_EXTRACTION_KEYNAMES = 2
187 * Gets the KeyInfo criteria.
189 * @return the KeyInfo criteria
191 const xmlsignature::KeyInfo* getKeyInfo() const;
194 * Sets the KeyInfo criteria.
196 * @param keyInfo the KeyInfo criteria
197 * @param extraction bitmask of criteria to auto-extract from KeyInfo
199 virtual void setKeyInfo(const xmlsignature::KeyInfo* keyInfo, int extraction=0);
202 * Gets the native KeyInfo criteria.
204 * @return the native KeyInfo criteria
206 DSIGKeyInfoList* getNativeKeyInfo() const;
209 * Sets the KeyInfo criteria.
211 * @param keyInfo the KeyInfo criteria
212 * @param extraction bitmask of criteria to auto-extract from KeyInfo
214 virtual void setNativeKeyInfo(DSIGKeyInfoList* keyInfo, int extraction=0);
217 * Sets the KeyInfo criteria from an XML Signature.
219 * @param sig the Signature containing KeyInfo criteria
220 * @param extraction bitmask of criteria to auto-extract from KeyInfo
222 void setSignature(const xmlsignature::Signature& sig, int extraction=0);
225 * Resets object to a default state.
227 virtual void reset();
230 unsigned int m_keyUsage;
231 unsigned int m_keySize,m_maxKeySize;
232 std::string m_peerName,m_keyAlgorithm;
233 std::set<std::string> m_keyNames;
234 XSECCryptoKey* m_key;
235 const xmlsignature::KeyInfo* m_keyInfo;
236 DSIGKeyInfoList* m_nativeKeyInfo;
237 Credential* m_credential;
240 #if defined (_MSC_VER)
241 #pragma warning( pop )
245 #endif /* __xmltooling_credcrit_h__ */