2 * Copyright 2001-2009 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file xmltooling/security/CredentialCriteria.h
20 * Class for specifying criteria by which a CredentialResolver should resolve credentials.
23 #if !defined(__xmltooling_credcrit_h__) && !defined(XMLTOOLING_NO_XMLSEC)
24 #define __xmltooling_credcrit_h__
26 #include <xmltooling/base.h>
30 class DSIGKeyInfoList;
33 namespace xmlsignature {
34 class XMLTOOL_API KeyInfo;
35 class XMLTOOL_API Signature;
38 namespace xmltooling {
40 class XMLTOOL_API Credential;
42 #if defined (_MSC_VER)
43 #pragma warning( push )
44 #pragma warning( disable : 4251 )
48 * Class for specifying criteria by which a CredentialResolver should resolve credentials.
50 class XMLTOOL_API CredentialCriteria
52 MAKE_NONCOPYABLE(CredentialCriteria);
54 /** Default constructor. */
57 virtual ~CredentialCriteria();
60 * Determines whether the supplied Credential matches this CredentialCriteria.
62 * @param credential the Credential to evaluate
63 * @return true iff the Credential is consistent with this criteria
65 virtual bool matches(const Credential& credential) const;
68 * Get key usage criteria.
70 * @return the usage mask
72 unsigned int getUsage() const {
77 * Set key usage criteria.
79 * @param usage the usage mask to set
81 void setUsage(unsigned int usage) {
86 * Get the peer name criteria.
88 * @return the peer name
90 const char* getPeerName() const {
91 return m_peerName.c_str();
95 * Set the peer name criteria.
97 * @param peerName peer name to set
99 void setPeerName(const char* peerName) {
102 m_peerName = peerName;
106 * Get the key algorithm criteria.
108 * @return the key algorithm
110 const char* getKeyAlgorithm() const {
111 return m_keyAlgorithm.c_str();
115 * Set the key algorithm criteria.
117 * @param keyAlgorithm The key algorithm to set
119 void setKeyAlgorithm(const char* keyAlgorithm) {
120 m_keyAlgorithm.erase();
122 m_keyAlgorithm = keyAlgorithm;
126 * Get the key size criteria.
128 * @return the key size, or 0
130 unsigned int getKeySize() const {
135 * Set the key size criteria.
137 * @param keySize Key size to set
139 void setKeySize(unsigned int keySize) {
144 * Set the key algorithm and size criteria based on an XML algorithm specifier.
146 * @param algorithm XML algorithm specifier
148 void setXMLAlgorithm(const XMLCh* algorithm);
151 * Gets key name criteria.
153 * @return an immutable set of key names
155 const std::set<std::string>& getKeyNames() const {
160 * Gets key name criteria.
162 * @return a mutable set of key names
164 std::set<std::string>& getKeyNames() {
169 * Returns the public key criteria.
171 * @return a public key
173 virtual XSECCryptoKey* getPublicKey() const {
178 * Sets the public key criteria.
180 * <p>The lifetime of the key <strong>MUST</strong> extend
181 * for the lifetime of this object.
183 * @param key a public key
185 void setPublicKey(XSECCryptoKey* key) {
190 * Bitmask constants controlling the kinds of criteria set automatically
191 * based on a KeyInfo object.
193 enum keyinfo_extraction_t {
194 KEYINFO_EXTRACTION_KEY = 1,
195 KEYINFO_EXTRACTION_KEYNAMES = 2
199 * Gets the KeyInfo criteria.
201 * @return the KeyInfo criteria
203 const xmlsignature::KeyInfo* getKeyInfo() const {
208 * Sets the KeyInfo criteria.
210 * @param keyInfo the KeyInfo criteria
211 * @param extraction bitmask of criteria to auto-extract from KeyInfo
213 virtual void setKeyInfo(const xmlsignature::KeyInfo* keyInfo, int extraction=0);
216 * Gets the native KeyInfo criteria.
218 * @return the native KeyInfo criteria
220 DSIGKeyInfoList* getNativeKeyInfo() const {
221 return m_nativeKeyInfo;
225 * Sets the KeyInfo criteria.
227 * @param keyInfo the KeyInfo criteria
228 * @param extraction bitmask of criteria to auto-extract from KeyInfo
230 virtual void setNativeKeyInfo(DSIGKeyInfoList* keyInfo, int extraction=0);
233 * Sets the KeyInfo criteria from an XML Signature.
235 * @param sig the Signature containing KeyInfo criteria
236 * @param extraction bitmask of criteria to auto-extract from KeyInfo
238 void setSignature(const xmlsignature::Signature& sig, int extraction=0);
241 unsigned int m_keyUsage;
242 unsigned int m_keySize;
243 std::string m_peerName,m_keyAlgorithm;
244 std::set<std::string> m_keyNames;
245 XSECCryptoKey* m_key;
246 const xmlsignature::KeyInfo* m_keyInfo;
247 DSIGKeyInfoList* m_nativeKeyInfo;
248 Credential* m_credential;
251 #if defined (_MSC_VER)
252 #pragma warning( pop )
256 #endif /* __xmltooling_credcrit_h__ */