/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#if !defined(__xmltooling_decrypter_h__) && !defined(XMLTOOLING_NO_XMLSEC)
#define __xmltooling_decrypter_h__
-#include <xmltooling/encryption/Encryption.h>
+#include <xmltooling/exceptions.h>
-#include <xsec/xenc/XENCCipher.hpp>
+class XENCCipher;
namespace xmltooling {
class XMLTOOL_API CredentialCriteria;
namespace xmlencryption {
+ class XMLTOOL_API EncryptedData;
+ class XMLTOOL_API EncryptedKey;
class XMLTOOL_API EncryptedKeyResolver;
/**
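Review bot: After dropping `<xmltooling/encryption/Encryption.h>` and `<xsec/xenc/XENCCipher.hpp>`, this header still names `std::ostream` and `XSECCryptoKey` in its declarations, yet the visible lines forward-declare only `XENCCipher`, `EncryptedData` and `EncryptedKey`. Unless `<xmltooling/exceptions.h>` is guaranteed to provide those names, the header compiles only through whatever happens to be included transitively. I would add `#include <iosfwd>` and `class XSECCryptoKey;` next to `class XENCCipher;` so the header stands on its own. Callers that relied on this header to pull in `Encryption.h` for the full `EncryptedData`/`EncryptedKey` definitions will now need their own include, which is worth stating in the commit message.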
const xmltooling::CredentialResolver* credResolver=NULL,
xmltooling::CredentialCriteria* criteria=NULL,
const EncryptedKeyResolver* EKResolver=NULL
- ) : m_cipher(NULL), m_credResolver(credResolver), m_criteria(criteria), m_EKResolver(EKResolver) {
- }
+ );
- ~Decrypter();
+ virtual ~Decrypter();
/**
* Replace the current EncryptedKeyResolver interface, if any, with a new one.
*
* @param EKResolver the EncryptedKeyResolver to attach
*/
- void setEncryptedKeyResolver(const EncryptedKeyResolver* EKResolver) {
- m_EKResolver=EKResolver;
- }
+ void setEncryptedKeyResolver(const EncryptedKeyResolver* EKResolver);
/**
* Replace the current CredentialResolver interface, if any, with a new one.
* @param resolver the locked CredentialResolver to attach, or NULL to clear
* @param criteria optional external criteria to use with resolver
*/
- void setKEKResolver(const xmltooling::CredentialResolver* resolver, xmltooling::CredentialCriteria* criteria) {
- m_credResolver=resolver;
- m_criteria=criteria;
- }
+ void setKEKResolver(const xmltooling::CredentialResolver* resolver, xmltooling::CredentialCriteria* criteria);
/**
* Decrypts the supplied information using the supplied key, and returns
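Review bot: The `virtual ~Decrypter();` line makes Decrypter a polymorphic base, but nothing in this hunk prevents copying, and the removed initializer list shows an `m_cipher` member that the destructor presumably releases. If copy construction and assignment are not already disabled elsewhere in the class (the class body extends beyond this hunk), a copied or sliced Decrypter could release the same cipher twice. Declaring `Decrypter(const Decrypter&);` and `Decrypter& operator=(const Decrypter&);` privately and leaving them undefined would rule that out. The resolver, criteria and EKResolver pointers appear to be stored without taking ownership, so the comments on the constructor and the two setters should say that they must outlive the Decrypter.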
xercesc::DOMDocumentFragment* decryptData(const EncryptedData& encryptedData, const XMLCh* recipient=NULL);
/**
+ * Decrypts the supplied information to an output stream.
+ *
+ * @param out output stream to receive the decrypted data
+ * @param encryptedData the data to decrypt
+ * @param key the decryption key to use (it will not be freed internally)
+ */
+ void decryptData(std::ostream& out, const EncryptedData& encryptedData, XSECCryptoKey* key);
+
+ /**
+ * Decrypts the supplied information to an output stream.
+ *
+ * @param out output stream to receive the decrypted data
+ * @param encryptedData the data to decrypt
+ * @param recipient identifier of decrypting entity for use in identifying multi-cast keys
+ */
+ void decryptData(std::ostream& out, const EncryptedData& encryptedData, const XMLCh* recipient=NULL);
+
+ /**
* Decrypts the supplied information and returns the resulting key.
* The caller is responsible for deleting the key. The algorithm of the
* key must be supplied by the caller based on knowledge of the associated
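Review bot: Neither comment on the new `decryptData(std::ostream& out, ...)` overloads says what happens when decryption fails part-way, and with a stream sink that matters because bytes may already have been written to `out` before the error is reported. I would add a `@throws` line to each and a sentence such as `If an exception is thrown, data already written to out is incomplete and must be discarded.`, worded to match what the implementation (not part of this diff) actually does. The key overload takes a raw `XSECCryptoKey*`, so its `@param key` text should also state whether NULL is accepted or rejected. The two overloads differ only in their third parameter, and only the recipient one has a default, so a brief note on which overload a two-argument call selects would help readers.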