Extended KeyResolver to handle CRLs.

[shibboleth/cpp-xmltooling.git] / xmltooling / signature / KeyResolver.h

diff --git a/xmltooling/signature/KeyResolver.h b/xmltooling/signature/KeyResolver.h
index 8a4774b..b75ab2b 100644 (file)
--- a/xmltooling/signature/KeyResolver.h
+++ b/xmltooling/signature/KeyResolver.h
@@ -24,6 +24,7 @@
 #if !defined(__xmltooling_keyres_h__) && !defined(XMLTOOLING_NO_XMLSEC)\r
 #define __xmltooling_keyres_h__\r
 \r
+#include <xmltooling/security/XSECCryptoX509CRL.h>\r
 #include <xmltooling/signature/KeyInfo.h>\r
 \r
 #include <xsec/dsig/DSIGKeyInfoList.hpp>\r
@@ -101,6 +102,24 @@ namespace xmlsignature {
             DSIGKeyInfoList* keyInfo, std::vector<XSECCryptoX509*>& certs \r
             ) const;\r
 \r
+        /**\r
+         * Returns a CRL based on the supplied KeyInfo information.\r
+         * The caller must delete the CRL when done with it.\r
+         * \r
+         * @param keyInfo   the key information\r
+         * @return  the resolved CRL\r
+         */\r
+        virtual xmltooling::XSECCryptoX509CRL* resolveCRL(const KeyInfo* keyInfo) const;\r
+        \r
+        /**\r
+         * Returns a CRL based on the supplied KeyInfo information.\r
+         * The caller must delete the CRL when done with it.\r
+         * \r
+         * @param keyInfo   the key information\r
+         * @return  the resolved CRL\r
+         */\r
+        virtual xmltooling::XSECCryptoX509CRL* resolveCRL(DSIGKeyInfoList* keyInfo) const;\r
+\r
     protected:\r
         XSECCryptoKey* m_key;\r
     };\r