2 * Copyright 2001-2009 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file xmltooling/security/CredentialCriteria.h
20 * Class for specifying criteria by which a CredentialResolver should resolve credentials.
23 #if !defined(__xmltooling_credcrit_h__) && !defined(XMLTOOLING_NO_XMLSEC)
24 #define __xmltooling_credcrit_h__
26 #include <xmltooling/base.h>
30 class DSIGKeyInfoList;
33 namespace xmlsignature {
34 class XMLTOOL_API KeyInfo;
35 class XMLTOOL_API Signature;
38 namespace xmltooling {
40 class XMLTOOL_API Credential;
42 #if defined (_MSC_VER)
43 #pragma warning( push )
44 #pragma warning( disable : 4251 )
48 * Class for specifying criteria by which a CredentialResolver should resolve credentials.
50 class XMLTOOL_API CredentialCriteria
52 MAKE_NONCOPYABLE(CredentialCriteria);
54 /** Default constructor. */
57 virtual ~CredentialCriteria();
60 * Determines whether the supplied Credential matches this CredentialCriteria.
62 * @param credential the Credential to evaluate
63 * @return true iff the Credential is consistent with this criteria
65 virtual bool matches(const Credential& credential) const;
68 * Get key usage criteria.
70 * @return the usage mask
72 unsigned int getUsage() const;
75 * Set key usage criteria.
77 * @param usage the usage mask to set
79 void setUsage(unsigned int usage);
82 * Get the peer name criteria.
84 * @return the peer name
86 const char* getPeerName() const;
89 * Set the peer name criteria.
91 * @param peerName peer name to set
93 void setPeerName(const char* peerName);
96 * Get the key algorithm criteria.
98 * @return the key algorithm
100 const char* getKeyAlgorithm() const;
103 * Set the key algorithm criteria.
105 * @param keyAlgorithm The key algorithm to set
107 void setKeyAlgorithm(const char* keyAlgorithm);
110 * Get the key size criteria.
112 * @return the key size, or 0
114 unsigned int getKeySize() const;
117 * Set the key size criteria.
119 * @param keySize Key size to set
121 void setKeySize(unsigned int keySize);
124 * Set the key algorithm and size criteria based on an XML algorithm specifier.
126 * @param algorithm XML algorithm specifier
128 void setXMLAlgorithm(const XMLCh* algorithm);
131 * Gets key name criteria.
133 * @return an immutable set of key names
135 const std::set<std::string>& getKeyNames() const;
138 * Gets key name criteria.
140 * @return a mutable set of key names
142 std::set<std::string>& getKeyNames();
145 * Returns the public key criteria.
147 * @return a public key
149 virtual XSECCryptoKey* getPublicKey() const;
152 * Sets the public key criteria.
154 * <p>The lifetime of the key <strong>MUST</strong> extend
155 * for the lifetime of this object.
157 * @param key a public key
159 void setPublicKey(XSECCryptoKey* key);
162 * Bitmask constants controlling the kinds of criteria set automatically
163 * based on a KeyInfo object.
165 enum keyinfo_extraction_t {
166 KEYINFO_EXTRACTION_KEY = 1,
167 KEYINFO_EXTRACTION_KEYNAMES = 2
171 * Gets the KeyInfo criteria.
173 * @return the KeyInfo criteria
175 const xmlsignature::KeyInfo* getKeyInfo() const;
178 * Sets the KeyInfo criteria.
180 * @param keyInfo the KeyInfo criteria
181 * @param extraction bitmask of criteria to auto-extract from KeyInfo
183 virtual void setKeyInfo(const xmlsignature::KeyInfo* keyInfo, int extraction=0);
186 * Gets the native KeyInfo criteria.
188 * @return the native KeyInfo criteria
190 DSIGKeyInfoList* getNativeKeyInfo() const;
193 * Sets the KeyInfo criteria.
195 * @param keyInfo the KeyInfo criteria
196 * @param extraction bitmask of criteria to auto-extract from KeyInfo
198 virtual void setNativeKeyInfo(DSIGKeyInfoList* keyInfo, int extraction=0);
201 * Sets the KeyInfo criteria from an XML Signature.
203 * @param sig the Signature containing KeyInfo criteria
204 * @param extraction bitmask of criteria to auto-extract from KeyInfo
206 void setSignature(const xmlsignature::Signature& sig, int extraction=0);
209 unsigned int m_keyUsage;
210 unsigned int m_keySize;
211 std::string m_peerName,m_keyAlgorithm;
212 std::set<std::string> m_keyNames;
213 XSECCryptoKey* m_key;
214 const xmlsignature::KeyInfo* m_keyInfo;
215 DSIGKeyInfoList* m_nativeKeyInfo;
216 Credential* m_credential;
219 #if defined (_MSC_VER)
220 #pragma warning( pop )
224 #endif /* __xmltooling_credcrit_h__ */