2 * Copyright 2001-2007 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file xmltooling/security/KeyInfoResolver.h
20 * Resolves credentials from KeyInfo information.
23 #if !defined(__xmltooling_keyres_h__) && !defined(XMLTOOLING_NO_XMLSEC)
24 #define __xmltooling_keyres_h__
26 #include <xmltooling/security/Credential.h>
27 #include <xmltooling/security/KeyInfoCredentialContext.h>
29 #include <xsec/dsig/DSIGKeyInfoList.hpp>
31 namespace xmltooling {
33 class XMLTOOL_API CredentialCriteria;
36 * Resolves credentials from KeyInfo information.
38 * <p>Credential-specific bitmasks can be provided to control what to resolve.
40 * <p>Implementations should only establish KeyNames on the basis of explicit names
41 * within the KeyInfo object, never by extracting names out of physical credentials
44 class XMLTOOL_API KeyInfoResolver {
45 MAKE_NONCOPYABLE(KeyInfoResolver);
49 virtual ~KeyInfoResolver() {}
52 * Returns a credential based on the supplied KeyInfo information.
53 * The caller must release the credential when done with it.
55 * @param keyInfo the key information
56 * @param types types of credentials to resolve, or 0 for any/all
57 * @return the resolved credential, or NULL
59 virtual Credential* resolve(const xmlsignature::KeyInfo* keyInfo, int types=0) const=0;
62 * Returns a credential based on the supplied KeyInfo information.
63 * The caller must release the credential when done with it.
65 * @param keyInfo the key information
66 * @param types types of credentials to resolve, or 0 for any/all
67 * @return the resolved credential, or NULL
69 virtual Credential* resolve(DSIGKeyInfoList* keyInfo, int types=0) const=0;
72 * Returns a credential based on the KeyInfo information in the supplied
73 * context. The caller must release the credential when done with it.
75 * <p>The context object will be owned by the Credential and freed with it.
77 * @param context context containing the key information
78 * @param types types of credentials to resolve, or 0 for any/all
79 * @return the resolved credential, or NULL
81 virtual Credential* resolve(KeyInfoCredentialContext* context, int types=0) const=0;
84 * Returns a credential based on the supplied KeyInfo information.
85 * The caller must release the credential when done with it.
87 * @param sig signature containing the key information
88 * @param types types of credentials to resolve, or 0 for any/all
89 * @return the resolved credential, or NULL
91 Credential* resolve(const xmlsignature::Signature* sig, int types=0) const;
94 * Returns a credential based on the KeyInfo information in the supplied
95 * criteria. The caller must release the credential when done with it.
97 * @param criteria criteria containing the key information
98 * @param types types of credentials to resolve, or 0 for any/all
99 * @return the resolved credential, or NULL
101 Credential* resolve(const CredentialCriteria& criteria, int types=0) const;
105 * Registers KeyInfoResolver classes into the runtime.
107 void XMLTOOL_API registerKeyInfoResolvers();
109 /** KeyInfoResolver based on extracting by value directly out of a KeyInfo */
110 #define INLINE_KEYINFO_RESOLVER "Inline"
113 #endif /* __xmltooling_keyres_h__ */