Reducing header overuse, non-inlining selected methods (CPPOST-35).

[shibboleth/cpp-xmltooling.git] / xmltooling / encryption / Decrypter.h

diff --git a/xmltooling/encryption/Decrypter.h b/xmltooling/encryption/Decrypter.h
index 780d1a0..8d2b574 100644 (file)
--- a/xmltooling/encryption/Decrypter.h
+++ b/xmltooling/encryption/Decrypter.h
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2009 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -23,9 +23,9 @@
 #if !defined(__xmltooling_decrypter_h__) && !defined(XMLTOOLING_NO_XMLSEC)
 #define __xmltooling_decrypter_h__
 
-#include <xmltooling/encryption/Encryption.h>
+#include <xmltooling/exceptions.h>
 
-#include <xsec/xenc/XENCCipher.hpp>
+class XENCCipher;
 
 namespace xmltooling {
     class XMLTOOL_API CredentialCriteria;
@@ -34,6 +34,8 @@ namespace xmltooling {
 
 namespace xmlencryption {
 
+    class XMLTOOL_API EncryptedData;
+    class XMLTOOL_API EncryptedKey;
     class XMLTOOL_API EncryptedKeyResolver;
 
     /**
@@ -53,19 +55,16 @@ namespace xmlencryption {
             const xmltooling::CredentialResolver* credResolver=NULL,
             xmltooling::CredentialCriteria* criteria=NULL,
             const EncryptedKeyResolver* EKResolver=NULL
-            ) : m_cipher(NULL), m_credResolver(credResolver), m_criteria(criteria), m_EKResolver(EKResolver) {
-        }
+            );
 
-        ~Decrypter();
+        virtual ~Decrypter();
         
         /**
          * Replace the current EncryptedKeyResolver interface, if any, with a new one.
          * 
          * @param EKResolver  the EncryptedKeyResolver to attach 
          */
-        void setEncryptedKeyResolver(const EncryptedKeyResolver* EKResolver) {
-            m_EKResolver=EKResolver;
-        }
+        void setEncryptedKeyResolver(const EncryptedKeyResolver* EKResolver);
 
         /**
          * Replace the current CredentialResolver interface, if any, with a new one.
@@ -73,10 +72,7 @@ namespace xmlencryption {
          * @param resolver  the locked CredentialResolver to attach, or NULL to clear
          * @param criteria  optional external criteria to use with resolver
          */
-        void setKEKResolver(const xmltooling::CredentialResolver* resolver, xmltooling::CredentialCriteria* criteria) {
-            m_credResolver=resolver;
-            m_criteria=criteria;
-        }
+        void setKEKResolver(const xmltooling::CredentialResolver* resolver, xmltooling::CredentialCriteria* criteria);
 
         /**
          * Decrypts the supplied information using the supplied key, and returns
@@ -113,6 +109,24 @@ namespace xmlencryption {
         xercesc::DOMDocumentFragment* decryptData(const EncryptedData& encryptedData, const XMLCh* recipient=NULL);
         
         /**
+         * Decrypts the supplied information to an output stream.
+         *
+         * @param out           output stream to receive the decrypted data 
+         * @param encryptedData the data to decrypt
+         * @param key           the decryption key to use (it will not be freed internally)
+         */
+        void decryptData(std::ostream& out, const EncryptedData& encryptedData, XSECCryptoKey* key);
+
+        /**
+         * Decrypts the supplied information to an output stream.
+         *
+         * @param out           output stream to receive the decrypted data 
+         * @param encryptedData the data to decrypt
+         * @param recipient     identifier of decrypting entity for use in identifying multi-cast keys
+         */
+        void decryptData(std::ostream& out, const EncryptedData& encryptedData, const XMLCh* recipient=NULL);
+
+        /**
          * Decrypts the supplied information and returns the resulting key.
          * The caller is responsible for deleting the key. The algorithm of the
          * key must be supplied by the caller based on knowledge of the associated