2 * Licensed to the University Corporation for Advanced Internet
3 * Development, Inc. (UCAID) under one or more contributor license
4 * agreements. See the NOTICE file distributed with this work for
5 * additional information regarding copyright ownership.
7 * UCAID licenses this file to you under the Apache License,
8 * Version 2.0 (the "License"); you may not use this file except
9 * in compliance with the License. You may obtain a copy of the
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17 * either express or implied. See the License for the specific
18 * language governing permissions and limitations under the License.
22 * @file xmltooling/security/CredentialCriteria.h
24 * Class for specifying criteria by which a CredentialResolver should resolve credentials.
27 #if !defined(__xmltooling_credcrit_h__) && !defined(XMLTOOLING_NO_XMLSEC)
28 #define __xmltooling_credcrit_h__
30 #include <xmltooling/base.h>
34 class DSIGKeyInfoList;
37 namespace xmlsignature {
38 class XMLTOOL_API KeyInfo;
39 class XMLTOOL_API Signature;
42 namespace xmltooling {
44 class XMLTOOL_API Credential;
46 #if defined (_MSC_VER)
47 #pragma warning( push )
48 #pragma warning( disable : 4251 )
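/**
 * Class for specifying criteria by which a CredentialResolver should resolve credentials.
 *
 * <p>Several criteria are held as raw pointers (see setPublicKey, setKeyInfo and
 * setNativeKeyInfo). Only setPublicKey documents a lifetime rule, but callers
 * should keep every supplied object alive for as long as this object may be
 * evaluated unless the implementation is confirmed to copy it.
 *
 * <p>The class is non-copyable (MAKE_NONCOPYABLE).
 */
class XMLTOOL_API CredentialCriteria
{
    MAKE_NONCOPYABLE(CredentialCriteria);
public:
    /** Default constructor. */
    CredentialCriteria();

    virtual ~CredentialCriteria();

    /**
     * Determines whether the supplied Credential matches this CredentialCriteria.
     *
     * @param credential    the Credential to evaluate
     * @return true iff the Credential is consistent with this criteria
     */
    virtual bool matches(const Credential& credential) const;

    /**
     * Get key usage criteria.
     *
     * @return the usage mask
     */
    unsigned int getUsage() const;

    /**
     * Set key usage criteria.
     *
     * <p>NOTE(review): the bit values of the mask are not defined in this
     * header; presumably they are declared alongside Credential. Confirm
     * before hard-coding a value.
     *
     * @param usage the usage mask to set
     */
    void setUsage(unsigned int usage);

    /**
     * Get the peer name criteria.
     *
     * <p>NOTE(review): the value is stored in a std::string member, so the
     * returned pointer presumably refers to this object's storage and should
     * not be retained across setPeerName() or reset(). Confirm against the
     * implementation.
     *
     * @return the peer name
     */
    const char* getPeerName() const;

    /**
     * Set the peer name criteria.
     *
     * @param peerName peer name to set
     */
    void setPeerName(const char* peerName);

    /**
     * Get the key algorithm criteria.
     *
     * @return the key algorithm
     */
    const char* getKeyAlgorithm() const;

    /**
     * Set the key algorithm criteria.
     *
     * @param keyAlgorithm the key algorithm to set
     */
    void setKeyAlgorithm(const char* keyAlgorithm);

    /**
     * Get the key size criteria.
     * <p>If a maximum size is also set, this is treated as a minimum.
     *
     * @return the key size, or 0
     */
    unsigned int getKeySize() const;

    /**
     * Set the key size criteria.
     * <p>If a maximum size is also set, this is treated as a minimum.
     *
     * <p>NOTE(review): a value of 0 presumably means "no key size constraint".
     * Callers enforcing a minimum key strength should confirm how matches()
     * treats 0 and how it treats a size given without a maximum.
     *
     * @param keySize   key size to set
     */
    void setKeySize(unsigned int keySize);

    /**
     * Get the maximum key size criteria.
     *
     * @return the maximum key size, or 0
     */
    unsigned int getMaxKeySize() const;

    /**
     * Set the maximum key size criteria.
     *
     * @param keySize   maximum key size to set
     */
    void setMaxKeySize(unsigned int keySize);

    /**
     * Set the key algorithm and size criteria based on an XML algorithm specifier.
     *
     * @param algorithm XML algorithm specifier
     */
    void setXMLAlgorithm(const XMLCh* algorithm);

    /**
     * Gets key name criteria.
     *
     * @return an immutable set of key names
     */
    const std::set<std::string>& getKeyNames() const;

    /**
     * Gets key name criteria.
     *
     * @return a mutable set of key names
     */
    std::set<std::string>& getKeyNames();

    /**
     * Returns the public key criteria.
     *
     * @return a public key
     */
    virtual XSECCryptoKey* getPublicKey() const;

    /**
     * Sets the public key criteria.
     *
     * <p>The lifetime of the key <strong>MUST</strong> extend
     * for the lifetime of this object.
     *
     * <p>The key is held as a raw pointer; freeing it while this object is
     * still in use leaves a dangling pointer.
     *
     * @param key a public key
     */
    void setPublicKey(XSECCryptoKey* key);

    /**
     * Bitmask constants controlling the kinds of criteria set automatically
     * based on a KeyInfo object.
     *
     * <p>A KeyInfo taken from a received message is supplied by the sender.
     * Keys and key names extracted from it should be used to select a
     * candidate credential, not as evidence that the credential is trusted.
     */
    enum keyinfo_extraction_t {
        KEYINFO_EXTRACTION_KEY = 1,
        KEYINFO_EXTRACTION_KEYNAMES = 2
    };

    /**
     * Gets the KeyInfo criteria.
     *
     * @return the KeyInfo criteria
     */
    const xmlsignature::KeyInfo* getKeyInfo() const;

    /**
     * Sets the KeyInfo criteria.
     *
     * <p>NOTE(review): the object is held as a raw pointer and no lifetime
     * rule is documented here; presumably it must outlive its use by this
     * object, as for setPublicKey. Confirm against the implementation.
     *
     * @param keyInfo       the KeyInfo criteria
     * @param extraction    bitmask of criteria to auto-extract from KeyInfo
     *                      (see keyinfo_extraction_t); the default of 0 sets no bits
     */
    virtual void setKeyInfo(const xmlsignature::KeyInfo* keyInfo, int extraction=0);

    /**
     * Gets the native KeyInfo criteria.
     *
     * @return the native KeyInfo criteria
     */
    DSIGKeyInfoList* getNativeKeyInfo() const;

    /**
     * Sets the native KeyInfo criteria.
     *
     * <p>NOTE(review): the object is held as a raw pointer and no lifetime
     * rule is documented here; presumably it must outlive its use by this
     * object, as for setPublicKey. Confirm against the implementation.
     *
     * @param keyInfo       the native KeyInfo criteria
     * @param extraction    bitmask of criteria to auto-extract from KeyInfo
     *                      (see keyinfo_extraction_t); the default of 0 sets no bits
     */
    virtual void setNativeKeyInfo(DSIGKeyInfoList* keyInfo, int extraction=0);

    /**
     * Sets the KeyInfo criteria from an XML Signature.
     *
     * @param sig           the Signature containing KeyInfo criteria
     * @param extraction    bitmask of criteria to auto-extract from KeyInfo
     *                      (see keyinfo_extraction_t); the default of 0 sets no bits
     */
    void setSignature(const xmlsignature::Signature& sig, int extraction=0);

    /**
     * Resets object to a default state.
     */
    virtual void reset();

private:
    unsigned int m_keyUsage;                    // usage mask (getUsage/setUsage)
    unsigned int m_keySize,m_maxKeySize;        // key size and maximum key size criteria
    std::string m_peerName,m_keyAlgorithm;      // peer name and key algorithm criteria
    std::set<std::string> m_keyNames;           // key name criteria
    XSECCryptoKey* m_key;                       // public key criteria; caller guarantees lifetime (see setPublicKey)
    const xmlsignature::KeyInfo* m_keyInfo;     // KeyInfo criteria, raw pointer
    DSIGKeyInfoList* m_nativeKeyInfo;           // native KeyInfo criteria, raw pointer
    Credential* m_credential;                   // NOTE(review): no accessor in this header; purpose and ownership to be confirmed
};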
244 #if defined (_MSC_VER)
245 #pragma warning( pop )
249 #endif /* __xmltooling_credcrit_h__ */