Address certificate object lifetime with wrapper class.
[shibboleth/cpp-xmltooling.git] / xmltooling / signature / KeyResolver.h
index b75ab2b..b874bff 100644 (file)
@@ -79,15 +79,35 @@ namespace xmlsignature {
         }\r
 \r
         /**\r
+         * A wrapper that handles disposal of certificates when required.\r
+         */\r
+        class XMLTOOL_API ResolvedCertificates {\r
+            MAKE_NONCOPYABLE(ResolvedCertificates);\r
+            bool m_owned;\r
+            std::vector<XSECCryptoX509*> m_certs;\r
+        public:\r
+            ResolvedCertificates() : m_owned(false) {}\r
+            ~ResolvedCertificates() {\r
+                if (m_owned) {\r
+                    std::for_each(m_certs.begin(), m_certs.end(), xmltooling::cleanup<XSECCryptoX509>());\r
+                }\r
+            }\r
+            const std::vector<XSECCryptoX509*>& v() const {\r
+                return m_certs;\r
+            }\r
+            friend class XMLTOOL_API KeyResolver;\r
+        };\r
+\r
+        /**\r
          * Returns a set of certificates based on the supplied KeyInfo information.\r
          * The certificates must be cloned if kept beyond the lifetime of the KeyInfo source.\r
          * \r
          * @param keyInfo   the key information\r
-         * @param certs     reference to vector to store certificates\r
+         * @param certs     reference to object to hold certificates\r
          * @return  number of certificates returned\r
          */\r
         virtual std::vector<XSECCryptoX509*>::size_type resolveCertificates(\r
-            const KeyInfo* keyInfo, std::vector<XSECCryptoX509*>& certs\r
+            const KeyInfo* keyInfo, ResolvedCertificates& certs\r
             ) const;\r
         \r
         /**\r
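Review bot: The doc comment on `resolveCertificates` still ties pointer validity only to the KeyInfo source, but the `ResolvedCertificates` destructor deletes every entry when `m_owned` is set, so pointers read through `v()` also die with the wrapper. A caller that copies the vector out of `v()` and lets the wrapper go out of scope would be left holding dangling `XSECCryptoX509*` values. I would extend the sentence to `The certificates must be cloned if kept beyond the lifetime of the KeyInfo source or of the ResolvedCertificates object.` and say in the class comment that `v()` returns borrowed pointers. The same wording applies to the `DSIGKeyInfoList*` overload in the next hunk.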
@@ -95,11 +115,11 @@ namespace xmlsignature {
          * The certificates must be cloned if kept beyond the lifetime of the KeyInfo source.\r
          * \r
          * @param keyInfo   the key information\r
-         * @param certs     reference to vector to store certificates\r
+         * @param certs     reference to object to hold certificates\r
          * @return  number of certificates returned\r
          */\r
         virtual std::vector<XSECCryptoX509*>::size_type resolveCertificates(\r
-            DSIGKeyInfoList* keyInfo, std::vector<XSECCryptoX509*>& certs \r
+            DSIGKeyInfoList* keyInfo, ResolvedCertificates& certs \r
             ) const;\r
 \r
         /**\r
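Review bot: Changing the parameter type of this virtual (and of the `const KeyInfo*` overload in the previous hunk) means a derived resolver that still declares the old `std::vector<XSECCryptoX509*>&` signature no longer overrides it. It would compile as an unrelated overload, and calls made through `KeyResolver` would reach the base implementation instead. No `override` marker is visible here to catch that, so on a certificate-resolution path the mismatch would be silent. I would add to both doc comments `@note signature changed: implementations taking std::vector<XSECCryptoX509*>& must be updated to take ResolvedCertificates&`, and build the in-tree subclasses with `-Woverloaded-virtual` to confirm none were missed.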
@@ -122,6 +142,26 @@ namespace xmlsignature {
 \r
     protected:\r
         XSECCryptoKey* m_key;\r
+\r
+        /**\r
+         * Accessor for certificate vector from derived KeyResolver classes.\r
+         *\r
+         * @param certs certificate wrapper to access\r
+         * @return modifiable reference to vector inside wrapper\r
+         */\r
+        std::vector<XSECCryptoX509*>& accessCertificates(ResolvedCertificates& certs) const {\r
+            return certs.m_certs;\r
+        }\r
+\r
+        /**\r
+         * Accessor for certificate ownership flag from derived KeyResolver classes.\r
+         *\r
+         * @param certs certificate wrapper to access\r
+         * @return modifiable reference to ownership flag inside wrapper\r
+         */\r
+        bool& accessOwned(ResolvedCertificates& certs) const {\r
+            return certs.m_owned;\r
+        }\r
     };\r
 \r
     /**\r
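Review bot: `accessOwned` and `accessCertificates` hand derived resolvers unrestricted mutable references, while the wrapper keeps a single `m_owned` flag for the whole vector. If a resolver sets the flag to true after pushing pointers that belong to the KeyInfo/DSIG objects, or appends borrowed and newly allocated certificates to the same wrapper, the destructor would either delete memory it does not own or leak the rest. At minimum both accessor comments should state the invariant, e.g. `All entries in a wrapper share one ownership state; set the flag before adding certificates and never mix borrowed and allocated ones.` The KeyResolver class body starts outside this hunk, so I cannot see whether existing subclasses already follow that.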