/*
- * Copyright 2001-2009 Internet2
+ * Copyright 2001-2010 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <xmltooling/security/OpenSSLTrustEngine.h>
#include <xmltooling/security/SignatureTrustEngine.h>
-#include <xmltooling/security/XSECCryptoX509CRL.h>
namespace xmltooling {
+ class XMLTOOL_API XSECCryptoX509CRL;
+
/**
* A trust engine that uses X.509 trust anchors and CRLs associated with a peer
* to perform PKIX validation of signatures and credentials.
*
* @param e DOM to supply configuration for provider
*/
- AbstractPKIXTrustEngine(const xercesc::DOMElement* e=NULL);
+ AbstractPKIXTrustEngine(const xercesc::DOMElement* e=nullptr);
/** Flag controls whether every issuer in the trust path must have a CRL loaded. */
bool m_fullCRLChain;
bool checkEntityNames(X509* certEE, const CredentialResolver& credResolver, const CredentialCriteria& criteria) const;
public:
- virtual ~AbstractPKIXTrustEngine() {}
+ virtual ~AbstractPKIXTrustEngine();
bool validate(
xmlsignature::Signature& sig,
const CredentialResolver& credResolver,
- CredentialCriteria* criteria=NULL
+ CredentialCriteria* criteria=nullptr
) const;
bool validate(
const char* in,
unsigned int in_len,
const CredentialResolver& credResolver,
- CredentialCriteria* criteria=NULL
+ CredentialCriteria* criteria=nullptr
) const;
bool validate(
XSECCryptoX509* certEE,
const std::vector<XSECCryptoX509*>& certChain,
const CredentialResolver& credResolver,
- CredentialCriteria* criteria=NULL
+ CredentialCriteria* criteria=nullptr
) const;
bool validate(
X509* certEE,
STACK_OF(X509)* certChain,
const CredentialResolver& credResolver,
- CredentialCriteria* criteria=NULL
+ CredentialCriteria* criteria=nullptr
) const;
/**
class XMLTOOL_API PKIXValidationInfoIterator {
MAKE_NONCOPYABLE(PKIXValidationInfoIterator);
protected:
- PKIXValidationInfoIterator() {}
+ PKIXValidationInfoIterator();
public:
- virtual ~PKIXValidationInfoIterator() {}
+ virtual ~PKIXValidationInfoIterator();
/**
* Advances to the next set of information, if any.
* @return interface for obtaining validation data
*/
virtual PKIXValidationInfoIterator* getPKIXValidationInfoIterator(
- const CredentialResolver& pkixSource, CredentialCriteria* criteria=NULL
+ const CredentialResolver& pkixSource, CredentialCriteria* criteria=nullptr
) const=0;
private:
X509* certEE,
STACK_OF(X509)* certChain,
const CredentialResolver& credResolver,
- CredentialCriteria* criteria=NULL,
- const std::vector<XSECCryptoX509CRL*>* inlineCRLs=NULL
+ CredentialCriteria* criteria=nullptr,
+ const std::vector<XSECCryptoX509CRL*>* inlineCRLs=nullptr
) const;
};
};