-/*\r
- * Copyright 2001-2006 Internet2\r
- * \r
- * Licensed under the Apache License, Version 2.0 (the "License");\r
- * you may not use this file except in compliance with the License.\r
- * You may obtain a copy of the License at\r
- *\r
- * http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- * Unless required by applicable law or agreed to in writing, software\r
- * distributed under the License is distributed on an "AS IS" BASIS,\r
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * See the License for the specific language governing permissions and\r
- * limitations under the License.\r
- */\r
-\r
-/**\r
- * @file KeyResolver.h\r
- * \r
- * Resolves public keys and certificates based on KeyInfo information or\r
- * external factors. \r
- */\r
-\r
-#if !defined(__xmltooling_keyres_h__) && !defined(XMLTOOLING_NO_XMLSEC)\r
-#define __xmltooling_keyres_h__\r
-\r
-#include <xmltooling/security/XSECCryptoX509CRL.h>\r
-\r
-#include <xsec/dsig/DSIGKeyInfoList.hpp>\r
-#include <xsec/enc/XSECCryptoKey.hpp>\r
-#include <xsec/enc/XSECCryptoX509.hpp>\r
-\r
-#include <algorithm>\r
-#include <vector>\r
-\r
-namespace xmlsignature {\r
- class XMLTOOL_API KeyInfo;\r
- class XMLTOOL_API Signature;\r
-\r
- /**\r
- * An API for resolving keys. The default/simple implementation\r
- * allows a hard-wired key to be supplied. This is mostly\r
- * useful for testing, or to adapt another mechanism for supplying\r
- * keys to this interface.\r
- */\r
- class XMLTOOL_API KeyResolver {\r
- MAKE_NONCOPYABLE(KeyResolver);\r
- public:\r
- /**\r
- * Constructor based on a single externally supplied key.\r
- * The key will be destroyed when the resolver is. \r
- * \r
- * @param key external key\r
- */\r
- KeyResolver(XSECCryptoKey* key=NULL) : m_key(key) {}\r
- \r
- virtual ~KeyResolver() {\r
- delete m_key;\r
- }\r
- \r
- /**\r
- * Returns a key based on the supplied KeyInfo information.\r
- * The caller must delete the key when done with it.\r
- * \r
- * @param keyInfo the key information\r
- * @return the resolved key\r
- */\r
- virtual XSECCryptoKey* resolveKey(const KeyInfo* keyInfo) const {\r
- return m_key ? m_key->clone() : NULL;\r
- }\r
-\r
- /**\r
- * Returns a key based on the supplied KeyInfo information.\r
- * The caller must delete the key when done with it.\r
- * \r
- * @param keyInfo the key information\r
- * @return the resolved key\r
- */\r
- virtual XSECCryptoKey* resolveKey(DSIGKeyInfoList* keyInfo) const {\r
- return m_key ? m_key->clone() : NULL;\r
- }\r
-\r
- /**\r
- * Returns a key based on the supplied KeyInfo information.\r
- * The caller must delete the key when done with it.\r
- * \r
- * @param sig signature containing the key information\r
- * @return the resolved key\r
- */\r
- XSECCryptoKey* resolveKey(const Signature* sig) const;\r
-\r
- /**\r
- * A wrapper that handles disposal of certificates when required.\r
- */\r
- class XMLTOOL_API ResolvedCertificates {\r
- MAKE_NONCOPYABLE(ResolvedCertificates);\r
- bool m_owned;\r
- std::vector<XSECCryptoX509*> m_certs;\r
- public:\r
- ResolvedCertificates() : m_owned(false) {}\r
- ~ResolvedCertificates() {\r
- if (m_owned) {\r
- std::for_each(m_certs.begin(), m_certs.end(), xmltooling::cleanup<XSECCryptoX509>());\r
- }\r
- }\r
- const std::vector<XSECCryptoX509*>& v() const {\r
- return m_certs;\r
- }\r
- friend class XMLTOOL_API KeyResolver;\r
- };\r
-\r
- /**\r
- * Returns a set of certificates based on the supplied KeyInfo information.\r
- * The certificates must be cloned if kept beyond the lifetime of the KeyInfo source.\r
- * \r
- * @param keyInfo the key information\r
- * @param certs reference to object to hold certificates\r
- * @return number of certificates returned\r
- */\r
- virtual std::vector<XSECCryptoX509*>::size_type resolveCertificates(\r
- const KeyInfo* keyInfo, ResolvedCertificates& certs\r
- ) const;\r
- \r
- /**\r
- * Returns a set of certificates based on the supplied KeyInfo information.\r
- * The certificates must be cloned if kept beyond the lifetime of the KeyInfo source.\r
- * \r
- * @param keyInfo the key information\r
- * @param certs reference to object to hold certificates\r
- * @return number of certificates returned\r
- */\r
- virtual std::vector<XSECCryptoX509*>::size_type resolveCertificates(\r
- DSIGKeyInfoList* keyInfo, ResolvedCertificates& certs \r
- ) const;\r
-\r
- /**\r
- * Returns a set of certificates based on the supplied KeyInfo information.\r
- * The certificates must be cloned if kept beyond the lifetime of the KeyInfo source.\r
- * \r
- * @param sig signature containing the key information\r
- * @param certs reference to object to hold certificates\r
- * @return number of certificates returned\r
- */\r
- std::vector<XSECCryptoX509*>::size_type resolveCertificates(\r
- const Signature* sig, ResolvedCertificates& certs\r
- ) const;\r
-\r
- /**\r
- * Returns a CRL based on the supplied KeyInfo information.\r
- * The caller must delete the CRL when done with it.\r
- * \r
- * @param keyInfo the key information\r
- * @return the resolved CRL\r
- */\r
- virtual xmltooling::XSECCryptoX509CRL* resolveCRL(const KeyInfo* keyInfo) const;\r
- \r
- /**\r
- * Returns a CRL based on the supplied KeyInfo information.\r
- * The caller must delete the CRL when done with it.\r
- * \r
- * @param keyInfo the key information\r
- * @return the resolved CRL\r
- */\r
- virtual xmltooling::XSECCryptoX509CRL* resolveCRL(DSIGKeyInfoList* keyInfo) const;\r
-\r
- /**\r
- * Returns a CRL based on the supplied KeyInfo information.\r
- * The caller must delete the CRL when done with it.\r
- * \r
- * @param sig signature containing the key information\r
- * @return the resolved CRL\r
- */\r
- xmltooling::XSECCryptoX509CRL* resolveCRL(const Signature* sig) const;\r
-\r
- protected:\r
- XSECCryptoKey* m_key;\r
-\r
- /**\r
- * Accessor for certificate vector from derived KeyResolver classes.\r
- *\r
- * @param certs certificate wrapper to access\r
- * @return modifiable reference to vector inside wrapper\r
- */\r
- std::vector<XSECCryptoX509*>& accessCertificates(ResolvedCertificates& certs) const {\r
- return certs.m_certs;\r
- }\r
-\r
- /**\r
- * Accessor for certificate ownership flag from derived KeyResolver classes.\r
- *\r
- * @param certs certificate wrapper to access\r
- * @return modifiable reference to ownership flag inside wrapper\r
- */\r
- bool& accessOwned(ResolvedCertificates& certs) const {\r
- return certs.m_owned;\r
- }\r
- };\r
-\r
- /**\r
- * Registers KeyResolver classes into the runtime.\r
- */\r
- void XMLTOOL_API registerKeyResolvers();\r
-\r
- /** KeyResolver based on hard-wired key */\r
- #define FILESYSTEM_KEY_RESOLVER "org.opensaml.xmlooling.FilesystemKeyResolver"\r
-\r
- /** KeyResolver based on extracting information directly out of a KeyInfo */\r
- #define INLINE_KEY_RESOLVER "org.opensaml.xmlooling.InlineKeyResolver"\r
-};\r
-\r
-#endif /* __xmltooling_keyres_h__ */\r
+/*
+ * Copyright 2001-2006 Internet2
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * @file KeyResolver.h
+ *
+ * Resolves public keys and certificates based on KeyInfo information or
+ * external factors.
+ */
+
+#if !defined(__xmltooling_keyres_h__) && !defined(XMLTOOLING_NO_XMLSEC)
+#define __xmltooling_keyres_h__
+
+#include <xmltooling/security/XSECCryptoX509CRL.h>
+
+#include <xsec/dsig/DSIGKeyInfoList.hpp>
+#include <xsec/enc/XSECCryptoKey.hpp>
+#include <xsec/enc/XSECCryptoX509.hpp>
+
+#include <algorithm>
+#include <vector>
+
+namespace xmlsignature {
+ class XMLTOOL_API KeyInfo;
+ class XMLTOOL_API Signature;
+
+ /**
+ * An API for resolving keys. The default/simple implementation
+ * allows a hard-wired key to be supplied. This is mostly
+ * useful for testing, or to adapt another mechanism for supplying
+ * keys to this interface.
+ */
+ class XMLTOOL_API KeyResolver {
+ MAKE_NONCOPYABLE(KeyResolver);
+ public:
+ /**
+ * Constructor based on a single externally supplied key.
+ * The key will be destroyed when the resolver is.
+ *
+ * @param key external key
+ */
+ KeyResolver(XSECCryptoKey* key=NULL) : m_key(key) {}
+
+ virtual ~KeyResolver() {
+ delete m_key;
+ }
+
+ /**
+ * Returns a key based on the supplied KeyInfo information.
+ * The caller must delete the key when done with it.
+ *
+ * @param keyInfo the key information
+ * @return the resolved key
+ */
+ virtual XSECCryptoKey* resolveKey(const KeyInfo* keyInfo) const {
+ return m_key ? m_key->clone() : NULL;
+ }
+
+ /**
+ * Returns a key based on the supplied KeyInfo information.
+ * The caller must delete the key when done with it.
+ *
+ * @param keyInfo the key information
+ * @return the resolved key
+ */
+ virtual XSECCryptoKey* resolveKey(DSIGKeyInfoList* keyInfo) const {
+ return m_key ? m_key->clone() : NULL;
+ }
+
+ /**
+ * Returns a key based on the supplied KeyInfo information.
+ * The caller must delete the key when done with it.
+ *
+ * @param sig signature containing the key information
+ * @return the resolved key
+ */
+ XSECCryptoKey* resolveKey(const Signature* sig) const;
+
+ /**
+ * A wrapper that handles disposal of certificates when required.
+ */
+ class XMLTOOL_API ResolvedCertificates {
+ MAKE_NONCOPYABLE(ResolvedCertificates);
+ bool m_owned;
+ std::vector<XSECCryptoX509*> m_certs;
+ public:
+ ResolvedCertificates() : m_owned(false) {}
+ ~ResolvedCertificates() {
+ if (m_owned) {
+ std::for_each(m_certs.begin(), m_certs.end(), xmltooling::cleanup<XSECCryptoX509>());
+ }
+ }
+ const std::vector<XSECCryptoX509*>& v() const {
+ return m_certs;
+ }
+ friend class XMLTOOL_API KeyResolver;
+ };
+
+ /**
+ * Returns a set of certificates based on the supplied KeyInfo information.
+ * The certificates must be cloned if kept beyond the lifetime of the KeyInfo source.
+ *
+ * @param keyInfo the key information
+ * @param certs reference to object to hold certificates
+ * @return number of certificates returned
+ */
+ virtual std::vector<XSECCryptoX509*>::size_type resolveCertificates(
+ const KeyInfo* keyInfo, ResolvedCertificates& certs
+ ) const;
+
+ /**
+ * Returns a set of certificates based on the supplied KeyInfo information.
+ * The certificates must be cloned if kept beyond the lifetime of the KeyInfo source.
+ *
+ * @param keyInfo the key information
+ * @param certs reference to object to hold certificates
+ * @return number of certificates returned
+ */
+ virtual std::vector<XSECCryptoX509*>::size_type resolveCertificates(
+ DSIGKeyInfoList* keyInfo, ResolvedCertificates& certs
+ ) const;
+
+ /**
+ * Returns a set of certificates based on the supplied KeyInfo information.
+ * The certificates must be cloned if kept beyond the lifetime of the KeyInfo source.
+ *
+ * @param sig signature containing the key information
+ * @param certs reference to object to hold certificates
+ * @return number of certificates returned
+ */
+ std::vector<XSECCryptoX509*>::size_type resolveCertificates(
+ const Signature* sig, ResolvedCertificates& certs
+ ) const;
+
+ /**
+ * Returns a CRL based on the supplied KeyInfo information.
+ * The caller must delete the CRL when done with it.
+ *
+ * @param keyInfo the key information
+ * @return the resolved CRL
+ */
+ virtual xmltooling::XSECCryptoX509CRL* resolveCRL(const KeyInfo* keyInfo) const;
+
+ /**
+ * Returns a CRL based on the supplied KeyInfo information.
+ * The caller must delete the CRL when done with it.
+ *
+ * @param keyInfo the key information
+ * @return the resolved CRL
+ */
+ virtual xmltooling::XSECCryptoX509CRL* resolveCRL(DSIGKeyInfoList* keyInfo) const;
+
+ /**
+ * Returns a CRL based on the supplied KeyInfo information.
+ * The caller must delete the CRL when done with it.
+ *
+ * @param sig signature containing the key information
+ * @return the resolved CRL
+ */
+ xmltooling::XSECCryptoX509CRL* resolveCRL(const Signature* sig) const;
+
+ protected:
+ XSECCryptoKey* m_key;
+
+ /**
+ * Accessor for certificate vector from derived KeyResolver classes.
+ *
+ * @param certs certificate wrapper to access
+ * @return modifiable reference to vector inside wrapper
+ */
+ std::vector<XSECCryptoX509*>& accessCertificates(ResolvedCertificates& certs) const {
+ return certs.m_certs;
+ }
+
+ /**
+ * Accessor for certificate ownership flag from derived KeyResolver classes.
+ *
+ * @param certs certificate wrapper to access
+ * @return modifiable reference to ownership flag inside wrapper
+ */
+ bool& accessOwned(ResolvedCertificates& certs) const {
+ return certs.m_owned;
+ }
+ };
+
+ /**
+ * Registers KeyResolver classes into the runtime.
+ */
+ void XMLTOOL_API registerKeyResolvers();
+
+ /** KeyResolver based on hard-wired key */
+ #define FILESYSTEM_KEY_RESOLVER "org.opensaml.xmlooling.FilesystemKeyResolver"
+
+ /** KeyResolver based on extracting information directly out of a KeyInfo */
+ #define INLINE_KEY_RESOLVER "org.opensaml.xmlooling.InlineKeyResolver"
+};
+
+#endif /* __xmltooling_keyres_h__ */
projects / shibboleth / cpp-xmltooling.git / blobdiff