/**
* @file xmltooling/security/TrustEngine.h
*
- * Evaluates the trustworthiness and validity of XML Signatures against
+ * Evaluates the trustworthiness and validity of signatures against
* implementation-specific requirements.
*/
#if !defined(__xmltooling_trust_h__) && !defined(XMLTOOLING_NO_XMLSEC)
#define __xmltooling_trust_h__
-#include <xmltooling/security/KeyInfoSource.h>
-#include <xmltooling/security/KeyResolver.h>
-#include <xmltooling/signature/Signature.h>
+#include <xmltooling/base.h>
+
+namespace xmlsignature {
+ class XMLTOOL_API KeyInfo;
+ class XMLTOOL_API Signature;
+};
namespace xmltooling {
+ class XMLTOOL_API CredentialCriteria;
+ class XMLTOOL_API CredentialResolver;
+ class XMLTOOL_API KeyInfoResolver;
+
/**
* Evaluates the trustworthiness and validity of XML or raw Signatures against
* implementation-specific requirements.
* If a DOM is supplied, the following XML content is supported:
*
* <ul>
- * <li><KeyResolver> elements with a type attribute
+ * <li><KeyInfoResolver> elements with a type attribute
* </ul>
*
* XML namespaces are ignored in the processing of this content.
*/
TrustEngine(const DOMElement* e=NULL);
- /** Default KeyResolver instance. */
- KeyResolver* m_keyResolver;
+ /** Custom KeyInfoResolver instance. */
+ KeyInfoResolver* m_keyInfoResolver;
public:
virtual ~TrustEngine();
-
+
+ /**
+ * Supplies a KeyInfoResolver instance.
+ * <p>This method must be externally synchronized with any code that uses the object.
+ * Any previously set object is destroyed.
+ *
+ * @param keyInfoResolver new KeyInfoResolver instance to use
+ */
+ void setKeyInfoResolver(KeyInfoResolver* keyInfoResolver);
+
/**
* Determines whether an XML signature is correct and valid with respect to
- * the source of KeyInfo data supplied. It is the responsibility of the
- * application to ensure that the KeyInfo information supplied is in fact
- * associated with the peer who created the signature.
+ * the source of credentials supplied.
+ *
+ * <p>It is the responsibility of the application to ensure that the credentials
+ * supplied are in fact associated with the peer who created the signature.
*
- * <p>A custom KeyResolver can be supplied from outside the TrustEngine.
- * Alternatively, one may be specified to the plugin constructor.
- * A non-caching, inline resolver will be used as a fallback.
+ * <p>If criteria with a peer name are supplied, the "name" of the Credential that verifies
+ * the signature may also be checked to ensure that it identifies the intended peer.
+ * The peer name itself or implementation-specific rules based on the content of the
+ * peer credentials may be applied. Implementations may omit this check if they
+ * deem it unnecessary.
*
* @param sig reference to a signature object to validate
- * @param keyInfoSource supplies KeyInfo objects to the TrustEngine
- * @param keyResolver optional externally supplied KeyResolver, or NULL
+ * @param credResolver a locked resolver to supply trusted peer credentials to the TrustEngine
+ * @param criteria criteria for selecting peer credentials
* @return true iff the signature validates
*/
virtual bool validate(
xmlsignature::Signature& sig,
- const KeyInfoSource& keyInfoSource,
- const KeyResolver* keyResolver=NULL
+ const CredentialResolver& credResolver,
+ CredentialCriteria* criteria=NULL
) const=0;
/**
* Determines whether a raw signature is correct and valid with respect to
- * the source of KeyInfo data supplied. It is the responsibility of the
- * application to ensure that the KeyInfo information supplied is in fact
- * associated with the peer who created the signature.
+ * the source of credentials supplied.
*
- * <p>A custom KeyResolver can be supplied from outside the TrustEngine.
- * Alternatively, one may be specified to the plugin constructor.
- * A non-caching, inline resolver will be used as a fallback.
+ * <p>It is the responsibility of the application to ensure that the Credentials
+ * supplied are in fact associated with the peer who created the signature.
*
+ * <p>If criteria with a peer name are supplied, the "name" of the Credential that verifies
+ * the signature may also be checked to ensure that it identifies the intended peer.
+ * The peer name itself or implementation-specific rules based on the content of the
+ * peer credentials may be applied. Implementations may omit this check if they
+ * deem it unnecessary.
+ *
* <p>Note that the keyInfo parameter is not part of the implicitly trusted
- * set of key information supplied via the KeyInfoSource, but rather advisory
+ * set of information supplied via the CredentialResolver, but rather advisory
* data that may have accompanied the signature itself.
*
* @param sigAlgorithm XML Signature identifier for the algorithm used
* @param keyInfo KeyInfo object accompanying the signature, if any
* @param in the input data over which the signature was created
* @param in_len size of input data in bytes
- * @param keyInfoSource supplies KeyInfo objects to the TrustEngine
- * @param keyResolver optional externally supplied KeyResolver, or NULL
+ * @param credResolver a locked resolver to supply trusted peer credentials to the TrustEngine
+ * @param criteria criteria for selecting peer credentials
* @return true iff the signature validates
*/
virtual bool validate(
xmlsignature::KeyInfo* keyInfo,
const char* in,
unsigned int in_len,
- const KeyInfoSource& keyInfoSource,
- const KeyResolver* keyResolver=NULL
+ const CredentialResolver& credResolver,
+ CredentialCriteria* criteria=NULL
) const=0;
};