/**\r
* @file KeyResolver.h\r
* \r
- * Resolves keys based on KeyInfo information or other external factors. \r
+ * Resolves public keys and certificates based on KeyInfo information or\r
+ * external factors. \r
*/\r
\r
#if !defined(__xmltooling_keyres_h__) && !defined(XMLTOOLING_NO_XMLSEC)\r
\r
#include <xsec/dsig/DSIGKeyInfoList.hpp>\r
#include <xsec/enc/XSECCryptoKey.hpp>\r
+#include <xsec/enc/XSECCryptoX509.hpp>\r
+\r
+#include <vector>\r
\r
namespace xmlsignature {\r
\r
/**\r
- * An API for resolving keys.\r
+ * An API for resolving keys. The default/simple implementation\r
+ * allows a hard-wired key to be supplied. This is mostly\r
+ * useful for testing, or to adapt another mechanism for supplying\r
+ * keys to this interface.\r
*/\r
class XMLTOOL_API KeyResolver {\r
MAKE_NONCOPYABLE(KeyResolver);\r
* @param keyInfo the key information\r
* @return the resolved key\r
*/\r
- virtual XSECCryptoKey* resolveKey(KeyInfo* keyInfo) {\r
+ virtual XSECCryptoKey* resolveKey(const KeyInfo* keyInfo) const {\r
return m_key ? m_key->clone() : NULL;\r
}\r
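Review bot: Adding `const` (and `const KeyInfo*`) to this virtual changes its signature, so a subclass that still declares `resolveKey(KeyInfo*)` will hide it instead of overriding it. Callers going through a `KeyResolver` reference would then silently get the base behaviour, the hard-wired `m_key` clone or NULL, rather than the subclass's resolution logic. Nothing at compile time catches this, so the overriders need updating in the same change; whether any exist is not visible from this hunk, whose doc comment and class body start outside it. The `DSIGKeyInfoList*` overload further down changes the same way and also loses its `=NULL` default, so a zero-argument `resolveKey()` no longer compiles and a bare `resolveKey(NULL)` is ambiguous between the two overloads. I would add `@note overriders must match the const signature exactly; pass a typed null pointer to request the default key` to both doc comments.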
\r
* @param keyInfo the key information\r
* @return the resolved key\r
*/\r
- virtual XSECCryptoKey* resolveKey(DSIGKeyInfoList* keyInfo=NULL) {\r
+ virtual XSECCryptoKey* resolveKey(DSIGKeyInfoList* keyInfo) const {\r
return m_key ? m_key->clone() : NULL;\r
}\r
+\r
+ /**\r
+ * Returns a set of certificates based on the supplied KeyInfo information.\r
+ * The certificates must be cloned if kept beyond the lifetime of the KeyInfo source.\r
+ * \r
+ * @param keyInfo the key information\r
+ * @param certs reference to vector to store certificates\r
+ * @return number of certificates returned\r
+ */\r
+ virtual std::vector<XSECCryptoX509*>::size_type resolveCertificates(\r
+ const KeyInfo* keyInfo, std::vector<XSECCryptoX509*>& certs\r
+ ) const;\r
\r
+ /**\r
+ * Returns a set of certificates based on the supplied KeyInfo information.\r
+ * The certificates must be cloned if kept beyond the lifetime of the KeyInfo source.\r
+ * \r
+ * @param keyInfo the key information\r
+ * @param certs reference to vector to store certificates\r
+ * @return number of certificates returned\r
+ */\r
+ virtual std::vector<XSECCryptoX509*>::size_type resolveCertificates(\r
+ DSIGKeyInfoList* keyInfo, std::vector<XSECCryptoX509*>& certs \r
+ ) const;\r
+\r
protected:\r
XSECCryptoKey* m_key;\r
};\r
\r
+ /**\r
+ * Registers KeyResolver classes into the runtime.\r
+ */\r
+ void XMLTOOL_API registerKeyResolvers();\r
+\r
+ /** KeyResolver based on hard-wired key */\r
+ #define FILESYSTEM_KEY_RESOLVER "org.opensaml.xmlooling.FilesystemKeyResolver"\r
+\r
+ /** KeyResolver based on extracting information directly out of a KeyInfo */\r
+ #define INLINE_KEY_RESOLVER "org.opensaml.xmlooling.InlineKeyResolver"\r
};\r
\r
#endif /* __xmltooling_keyres_h__ */\r
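Review bot: The new `resolveCertificates` comments leave the ownership and trust contract implicit. "Must be cloned if kept beyond the lifetime of the KeyInfo source" implies the pointers placed in `certs` are borrowed, whereas `resolveKey` returns a `clone()` that the caller presumably owns, so the two results need opposite cleanup. I would state it outright in both doc comments, e.g. `* The returned pointers remain owned by the KeyInfo source and must not be deleted by the caller.`, and say whether `certs` is cleared or appended to. Since these certificates (and keys from the inline resolver) presumably come straight from the message being verified, the comment should also say that resolution is not validation: `* Resolved certificates are unverified; trust must be established separately before relying on them.` Separately, both identifier strings at the `#define`s spell `xmlooling` where `xmltooling` looks intended, and the `FILESYSTEM_KEY_RESOLVER` comment says "hard-wired key"; worth confirming before these names end up in configuration files.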