2 * Copyright 2001-2006 Internet2
\r
4 * Licensed under the Apache License, Version 2.0 (the "License");
\r
5 * you may not use this file except in compliance with the License.
\r
6 * You may obtain a copy of the License at
\r
8 * http://www.apache.org/licenses/LICENSE-2.0
\r
10 * Unless required by applicable law or agreed to in writing, software
\r
11 * distributed under the License is distributed on an "AS IS" BASIS,
\r
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
13 * See the License for the specific language governing permissions and
\r
14 * limitations under the License.
\r
18 * @file SigningContext.h
\r
20 * Interface to signing process supplied by a signing application
\r
23 #if !defined(__xmltooling_signctx_h__) && !defined(XMLTOOLING_NO_XMLSEC)
\r
24 #define __xmltooling_signctx_h__
\r
26 #include <xmltooling/signature/KeyInfo.h>
\r
29 #include <xsec/dsig/DSIGSignature.hpp>
\r
31 #if defined (_MSC_VER)
\r
32 #pragma warning( push )
\r
33 #pragma warning( disable : 4250 4251 )
\r
36 namespace xmlsignature {
\r
/**
 * Callback interface through which a signing application supplies the
 * signature layout, the signing key, and the key material to embed.
 *
 * getKeyInfo() and getSigningKey() transfer ownership of what they return to
 * the caller. getX509Certificates() returns a pointer to a const collection
 * that is documented as immutable.
 */
class XMLTOOL_API SigningContext
{
    MAKE_NONCOPYABLE(SigningContext);
public: // NOTE(review): access specifier restored; listing line 44 is missing from this extract.
    virtual ~SigningContext() {}

    /**
     * Fills in a "blank" native signature with the signature transforms,
     * references, etc. that the application wants.
     *
     * An implementation MAY attach ds:KeyInfo information here. Alternatively,
     * a set of X.509 certificates can be returned from getX509Certificates().
     *
     * The references and transforms chosen here determine which content the
     * resulting signature covers, so an implementation should reference
     * everything a verifier is expected to rely on.
     *
     * NOTE(review): ownership of @a sig is not stated; presumably it stays
     * with the caller. Confirm.
     *
     * @param sig native signature interface
     */
    virtual void createSignature(DSIGSignature* sig) const = 0;

    /**
     * Supplies the certificates to append to the ds:KeyInfo element in a
     * ds:X509Data chain.
     *
     * The certificate corresponding to the signing key SHOULD be first,
     * followed by any additional intermediates to append.
     *
     * NOTE(review): how "no certificates" is signalled (null pointer versus
     * empty collection) and how long the returned pointer stays valid are not
     * stated. Presumably the context keeps ownership of the collection and
     * callers should handle both forms. Confirm.
     *
     * @return an immutable collection of certificates to embed
     */
    virtual const std::vector<XSECCryptoX509*>* getX509Certificates() const = 0;

    /**
     * Supplies a KeyInfo structure to embed.
     *
     * Ownership of the object MUST be transferred to the caller. This method
     * is only called if getX509Certificates() returns no certificates.
     *
     * Because the caller frees the result, an implementation that returns a
     * pointer to an object it still owns sets up a double free. Return a
     * separately allocated object on each call.
     *
     * @return pointer to a KeyInfo structure, will be freed by caller
     */
    virtual KeyInfo* getKeyInfo() const = 0;

    /**
     * Supplies the signing key to use.
     *
     * The key must be compatible with the intended signature algorithm.
     * Ownership of the key MUST be transferred to the caller.
     *
     * Because the caller frees the result, an implementation must not return
     * a pointer to a key object it continues to own and release itself.
     * Callers should free the key on every path, including error paths.
     *
     * @return pointer to a signing key, will be freed by caller
     */
    virtual XSECCryptoKey* getSigningKey() const = 0;

    // NOTE(review): listing lines 86-92 are missing from this extract; any
    // declarations they held are not reproduced here.
};
\r
93 #if defined (_MSC_VER)
\r
94 #pragma warning( pop )
\r
97 #endif /* __xmltooling_signctx_h__ */
\r