#define __xmltooling_basicx509cred_h__
#include <xmltooling/security/X509Credential.h>
+#include <xmltooling/signature/KeyInfo.h>
#include <algorithm>
-namespace xmlsignature {
- class XMLTOOL_API KeyInfo;
-};
-
namespace xmltooling {
/**
class XMLTOOL_API BasicX509Credential : public virtual X509Credential
{
protected:
+ /**
+ * Constructor.
+ *
+ * @param ownCerts true iff any certificates subsequently stored should be freed by destructor
+ */
BasicX509Credential(bool ownCerts) : m_key(NULL), m_ownCerts(ownCerts), m_crl(NULL), m_keyInfo(NULL), m_compactKeyInfo(NULL) {
}
/** The private/secret key/keypair. */
XSECCryptoKey* m_key;
+ /** Key names (derived from credential, KeyInfo, or both). */
+ std::set<std::string> m_keyNames;
+
+ /** Subject DN. */
+ std::string m_subjectName;
+
+ /** Issuer DN. */
+ std::string m_issuerName;
+
+ /** Serial number. */
+ std::string m_serial;
+
/** The X.509 certificate chain. */
std::vector<XSECCryptoX509*> m_xseccerts;
* Initializes (or reinitializes) a ds:KeyInfo to represent the Credential.
*/
void initKeyInfo();
-
+
public:
virtual ~BasicX509Credential();
- const char* getAlgorithm() const {
- if (m_key) {
- switch (m_key->getKeyType()) {
- case XSECCryptoKey::KEY_RSA_PRIVATE:
- case XSECCryptoKey::KEY_RSA_PUBLIC:
- case XSECCryptoKey::KEY_RSA_PAIR:
- return "RSA";
-
- case XSECCryptoKey::KEY_DSA_PRIVATE:
- case XSECCryptoKey::KEY_DSA_PUBLIC:
- case XSECCryptoKey::KEY_DSA_PAIR:
- return "DSA";
-
- case XSECCryptoKey::KEY_HMAC:
- return "HMAC";
-
- case XSECCryptoKey::KEY_SYMMETRIC: {
- XSECCryptoSymmetricKey* skey = static_cast<XSECCryptoSymmetricKey*>(m_key);
- switch (skey->getSymmetricKeyType()) {
- case XSECCryptoSymmetricKey::KEY_3DES_192:
- return "DESede";
- case XSECCryptoSymmetricKey::KEY_AES_128:
- return "AES";
- case XSECCryptoSymmetricKey::KEY_AES_192:
- return "AES";
- case XSECCryptoSymmetricKey::KEY_AES_256:
- return "AES";
- }
- }
- }
- }
- return NULL;
- }
-
- unsigned int getKeySize() const {
- if (m_key) {
- switch (m_key->getKeyType()) {
- case XSECCryptoKey::KEY_RSA_PRIVATE:
- case XSECCryptoKey::KEY_RSA_PUBLIC:
- case XSECCryptoKey::KEY_RSA_PAIR: {
- XSECCryptoKeyRSA* rkey = static_cast<XSECCryptoKeyRSA*>(m_key);
- return rkey->getLength();
- }
-
- case XSECCryptoKey::KEY_SYMMETRIC: {
- XSECCryptoSymmetricKey* skey = static_cast<XSECCryptoSymmetricKey*>(m_key);
- switch (skey->getSymmetricKeyType()) {
- case XSECCryptoSymmetricKey::KEY_3DES_192:
- return 192;
- case XSECCryptoSymmetricKey::KEY_AES_128:
- return 128;
- case XSECCryptoSymmetricKey::KEY_AES_192:
- return 192;
- case XSECCryptoSymmetricKey::KEY_AES_256:
- return 256;
- }
- }
- }
- }
- return 0;
+ unsigned int getUsage() const {
+ return UNSPECIFIED_CREDENTIAL;
}
+ const char* getAlgorithm() const;
+ unsigned int getKeySize() const;
XSECCryptoKey* getPrivateKey() const {
if (m_key) {
return NULL;
}
- std::vector<std::string>::size_type getKeyNames(std::vector<std::string>& results) const;
+ const std::set<std::string>& getKeyNames() const {
+ return m_keyNames;
+ }
- const xmlsignature::KeyInfo* getKeyInfo(bool compact=false) const {
- return compact ? m_compactKeyInfo : (m_keyInfo ? m_keyInfo : m_compactKeyInfo);
+ xmlsignature::KeyInfo* getKeyInfo(bool compact=false) const {
+ if (compact || !m_keyInfo)
+ return m_compactKeyInfo ? m_compactKeyInfo->cloneKeyInfo() : NULL;
+ return m_keyInfo->cloneKeyInfo();
}
- /**
- * Gets an immutable collection of certificates in the entity's trust chain. The entity certificate is contained
- * within this list. No specific ordering of the certificates is guaranteed.
- *
- * @return a certificate chain
- */
const std::vector<XSECCryptoX509*>& getEntityCertificateChain() const {
return m_xseccerts;
}
XSECCryptoX509CRL* getCRL() const {
return m_crl;
}
+
+ const char* getSubjectName() const {
+ return m_subjectName.c_str();
+ }
+
+ const char* getIssuerName() const {
+ return m_issuerName.c_str();
+ }
+
+ const char* getSerialNumber() const {
+ return m_serial.c_str();
+ }
+
+ void extract();
};
};
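Review bot: getKeyInfo() in the replaced lines now returns a heap-allocated clone (`cloneKeyInfo()`) instead of a borrowed pointer, so every caller becomes the owner of the result, yet the declaration says nothing about that and the neighbouring accessors (getEntityCertificateChain, getCRL) still return borrowed references. A caller written against the old contract leaks one KeyInfo per call, and one that treats the other getters the same way risks a double delete. Add a comment on the declaration, e.g. `/** Returns a newly allocated copy of the KeyInfo (or NULL); the caller owns it and must delete it. */`, and give the new extract() declaration a one-line comment as well, since it is added undocumented. The hunk headers are not visible in this chunk, so the exact extent of this hunk and of the enclosing class body is inferred.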