#define __xmltooling_basicx509cred_h__
#include <xmltooling/security/X509Credential.h>
+#include <xmltooling/signature/KeyInfo.h>
#include <algorithm>
-namespace xmlsignature {
- class XMLTOOL_API KeyInfo;
-};
-
namespace xmltooling {
/**
/** The private/secret key/keypair. */
XSECCryptoKey* m_key;
+ /** Key names (derived from credential, KeyInfo, or both). */
+ std::set<std::string> m_keyNames;
+
/** The X.509 certificate chain. */
std::vector<XSECCryptoX509*> m_xseccerts;
public:
virtual ~BasicX509Credential();
+ const char* getAlgorithm() const {
+ if (m_key) {
+ switch (m_key->getKeyType()) {
+ case XSECCryptoKey::KEY_RSA_PRIVATE:
+ case XSECCryptoKey::KEY_RSA_PUBLIC:
+ case XSECCryptoKey::KEY_RSA_PAIR:
+ return "RSA";
+
+ case XSECCryptoKey::KEY_DSA_PRIVATE:
+ case XSECCryptoKey::KEY_DSA_PUBLIC:
+ case XSECCryptoKey::KEY_DSA_PAIR:
+ return "DSA";
+
+ case XSECCryptoKey::KEY_HMAC:
+ return "HMAC";
+
+ case XSECCryptoKey::KEY_SYMMETRIC: {
+ XSECCryptoSymmetricKey* skey = static_cast<XSECCryptoSymmetricKey*>(m_key);
+ switch (skey->getSymmetricKeyType()) {
+ case XSECCryptoSymmetricKey::KEY_3DES_192:
+ return "DESede";
+ case XSECCryptoSymmetricKey::KEY_AES_128:
+ return "AES";
+ case XSECCryptoSymmetricKey::KEY_AES_192:
+ return "AES";
+ case XSECCryptoSymmetricKey::KEY_AES_256:
+ return "AES";
+ }
+ }
+ }
+ }
+ return NULL;
+ }
+
+ unsigned int getKeySize() const {
+ if (m_key) {
+ switch (m_key->getKeyType()) {
+ case XSECCryptoKey::KEY_RSA_PRIVATE:
+ case XSECCryptoKey::KEY_RSA_PUBLIC:
+ case XSECCryptoKey::KEY_RSA_PAIR: {
+ XSECCryptoKeyRSA* rkey = static_cast<XSECCryptoKeyRSA*>(m_key);
+ return rkey->getLength();
+ }
+
+ case XSECCryptoKey::KEY_SYMMETRIC: {
+ XSECCryptoSymmetricKey* skey = static_cast<XSECCryptoSymmetricKey*>(m_key);
+ switch (skey->getSymmetricKeyType()) {
+ case XSECCryptoSymmetricKey::KEY_3DES_192:
+ return 192;
+ case XSECCryptoSymmetricKey::KEY_AES_128:
+ return 128;
+ case XSECCryptoSymmetricKey::KEY_AES_192:
+ return 192;
+ case XSECCryptoSymmetricKey::KEY_AES_256:
+ return 256;
+ }
+ }
+ }
+ }
+ return 0;
+ }
+
XSECCryptoKey* getPrivateKey() const {
if (m_key) {
XSECCryptoKey::KeyType type = m_key->getKeyType();
}
return NULL;
}
+
+ const std::set<std::string>& getKeyNames() const {
+ return m_keyNames;
+ }
- std::vector<std::string>::size_type getKeyNames(std::vector<std::string>& results) const;
-
- const xmlsignature::KeyInfo* getKeyInfo(bool compact=false) const {
- return compact ? m_compactKeyInfo : (m_keyInfo ? m_keyInfo : m_compactKeyInfo);
+ xmlsignature::KeyInfo* getKeyInfo(bool compact=false) const {
+ if (compact || !m_keyInfo)
+ return m_compactKeyInfo ? m_compactKeyInfo->cloneKeyInfo() : NULL;
+ return m_keyInfo->cloneKeyInfo();
}
- /**
- * Gets an immutable collection of certificates in the entity's trust chain. The entity certificate is contained
- * within this list. No specific ordering of the certificates is guaranteed.
- *
- * @return a certificate chain
- */
const std::vector<XSECCryptoX509*>& getEntityCertificateChain() const {
return m_xseccerts;
}