2 * Copyright 2001-2009 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file xmltooling/security/CredentialCriteria.h
20 * Class for specifying criteria by which a CredentialResolver should resolve credentials.
23 #if !defined(__xmltooling_credcrit_h__) && !defined(XMLTOOLING_NO_XMLSEC)
24 #define __xmltooling_credcrit_h__
26 #include <xmltooling/base.h>
30 class DSIGKeyInfoList;
33 namespace xmlsignature {
34 class XMLTOOL_API Credential;
35 class XMLTOOL_API KeyInfo;
36 class XMLTOOL_API Signature;
39 namespace xmltooling {
41 #if defined (_MSC_VER)
42 #pragma warning( push )
43 #pragma warning( disable : 4251 )
47 * Class for specifying criteria by which a CredentialResolver should resolve credentials.
49 class XMLTOOL_API CredentialCriteria
51 MAKE_NONCOPYABLE(CredentialCriteria);
53 /** Default constructor. */
56 virtual ~CredentialCriteria();
59 * Determines whether the supplied Credential matches this CredentialCriteria.
61 * @param credential the Credential to evaluate
62 * @return true iff the Credential is consistent with this criteria
64 virtual bool matches(const Credential& credential) const;
67 * Get key usage criteria.
69 * @return the usage mask
71 unsigned int getUsage() const {
76 * Set key usage criteria.
78 * @param usage the usage mask to set
80 void setUsage(unsigned int usage) {
85 * Get the peer name criteria.
87 * @return the peer name
89 const char* getPeerName() const {
90 return m_peerName.c_str();
94 * Set the peer name criteria.
96 * @param peerName peer name to set
98 void setPeerName(const char* peerName) {
101 m_peerName = peerName;
105 * Get the key algorithm criteria.
107 * @return the key algorithm
109 const char* getKeyAlgorithm() const {
110 return m_keyAlgorithm.c_str();
114 * Set the key algorithm criteria.
116 * @param keyAlgorithm The key algorithm to set
118 void setKeyAlgorithm(const char* keyAlgorithm) {
119 m_keyAlgorithm.erase();
121 m_keyAlgorithm = keyAlgorithm;
125 * Get the key size criteria.
127 * @return the key size, or 0
129 unsigned int getKeySize() const {
134 * Set the key size criteria.
136 * @param keySize Key size to set
138 void setKeySize(unsigned int keySize) {
143 * Set the key algorithm and size criteria based on an XML algorithm specifier.
145 * @param algorithm XML algorithm specifier
147 void setXMLAlgorithm(const XMLCh* algorithm);
150 * Gets key name criteria.
152 * @return an immutable set of key names
154 const std::set<std::string>& getKeyNames() const {
159 * Gets key name criteria.
161 * @return a mutable set of key names
163 std::set<std::string>& getKeyNames() {
168 * Returns the public key criteria.
170 * @return a public key
172 virtual XSECCryptoKey* getPublicKey() const {
177 * Sets the public key criteria.
179 * <p>The lifetime of the key <strong>MUST</strong> extend
180 * for the lifetime of this object.
182 * @param key a public key
184 void setPublicKey(XSECCryptoKey* key) {
189 * Bitmask constants controlling the kinds of criteria set automatically
190 * based on a KeyInfo object.
192 enum keyinfo_extraction_t {
193 KEYINFO_EXTRACTION_KEY = 1,
194 KEYINFO_EXTRACTION_KEYNAMES = 2
198 * Gets the KeyInfo criteria.
200 * @return the KeyInfo criteria
202 const xmlsignature::KeyInfo* getKeyInfo() const {
207 * Sets the KeyInfo criteria.
209 * @param keyInfo the KeyInfo criteria
210 * @param extraction bitmask of criteria to auto-extract from KeyInfo
212 virtual void setKeyInfo(const xmlsignature::KeyInfo* keyInfo, int extraction=0);
215 * Gets the native KeyInfo criteria.
217 * @return the native KeyInfo criteria
219 DSIGKeyInfoList* getNativeKeyInfo() const {
220 return m_nativeKeyInfo;
224 * Sets the KeyInfo criteria.
226 * @param keyInfo the KeyInfo criteria
227 * @param extraction bitmask of criteria to auto-extract from KeyInfo
229 virtual void setNativeKeyInfo(DSIGKeyInfoList* keyInfo, int extraction=0);
232 * Sets the KeyInfo criteria from an XML Signature.
234 * @param sig the Signature containing KeyInfo criteria
235 * @param extraction bitmask of criteria to auto-extract from KeyInfo
237 void setSignature(const xmlsignature::Signature& sig, int extraction=0);
240 unsigned int m_keyUsage;
241 unsigned int m_keySize;
242 std::string m_peerName,m_keyAlgorithm;
243 std::set<std::string> m_keyNames;
244 XSECCryptoKey* m_key;
245 const xmlsignature::KeyInfo* m_keyInfo;
246 DSIGKeyInfoList* m_nativeKeyInfo;
247 Credential* m_credential;
250 #if defined (_MSC_VER)
251 #pragma warning( pop )
255 #endif /* __xmltooling_credcrit_h__ */