Extend KeyResolver to include certificate resolution, add inline resolver.
[shibboleth/cpp-xmltooling.git] / xmltooling / signature / impl / FilesystemCredentialResolver.cpp
index 86e70b1..c4362d5 100644 (file)
  */\r
 \r
 #include "internal.h"\r
+#include "signature/KeyResolver.h"\r
 #include "signature/OpenSSLCredentialResolver.h"\r
 #include "util/NDC.h"\r
 #include "util/XMLHelper.h"\r
 \r
-using namespace xmlsignature;\r
-using namespace xmltooling;\r
-\r
 #include <sys/types.h>\r
 #include <sys/stat.h>\r
 #include <algorithm>\r
@@ -58,20 +56,31 @@ static int passwd_callback(char* buf, int len, int verify, void* passwd)
 }\r
 \r
 namespace xmlsignature {\r
-    class FilesystemCredentialResolver : public CredentialResolver\r
+    class FilesystemCredentialResolver : public OpenSSLCredentialResolver, public KeyResolver\r
     {\r
     public:\r
         FilesystemCredentialResolver(const DOMElement* e);\r
-        ~FilesystemCredentialResolver();\r
+        virtual ~FilesystemCredentialResolver();\r
 \r
         Lockable* lock() { return this; }\r
         void unlock() {}\r
         \r
         XSECCryptoKey* loadKey();\r
         \r
-        void attach(SSL_CTX* ctx) const;\r
-        XSECCryptoKey* getKey() const { return m_key->clone(); }\r
+        XSECCryptoKey* getKey() const { return m_key ? m_key->clone() : NULL; }\r
         const vector<XSECCryptoX509*>& getCertificates() const { return m_xseccerts; }\r
+        void attach(SSL_CTX* ctx) const;\r
+        \r
+        XSECCryptoKey* resolveKey(const KeyInfo* keyInfo) const { return m_key ? m_key->clone() : NULL; }\r
+        XSECCryptoKey* resolveKey(DSIGKeyInfoList* keyInfo) const { return m_key ? m_key->clone() : NULL; }\r
+        vector<XSECCryptoX509*>::size_type resolveCertificates(const KeyInfo* keyInfo, vector<XSECCryptoX509*>& certs) const {\r
+            certs.assign(m_xseccerts.begin(), m_xseccerts.end());\r
+            return certs.size();\r
+        }\r
+        vector<XSECCryptoX509*>::size_type resolveCertificates(DSIGKeyInfoList* keyInfo, vector<XSECCryptoX509*>& certs) const {\r
+            certs.assign(m_xseccerts.begin(), m_xseccerts.end());\r
+            return certs.size();\r
+        }\r
         \r
     private:\r
         enum format_t { PEM=SSL_FILETYPE_PEM, DER=SSL_FILETYPE_ASN1, _PKCS12, UNKNOWN };\r
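Review bot: The two `resolveCertificates` overloads copy the resolver's own `XSECCryptoX509*` pointers into `certs`, while both `resolveKey` overloads return a clone that the caller must free, and nothing in the declaration says which is which. The destructor frees every element of `m_xseccerts`, so a caller that deletes the entries it received, or keeps them past the resolver's lifetime, gets a double free or a dangling pointer. I would state the contract above each pair, e.g. `// Returns a clone (or NULL if no key is configured); caller owns it.` and `// Copies borrowed pointers; they stay owned by this resolver and are valid only for its lifetime.` The same comments should say that `keyInfo` is ignored and the configured key and certificates are returned for any input, since a caller may otherwise assume the result was matched against the supplied KeyInfo. The class body continues outside this hunk.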
@@ -91,6 +100,11 @@ namespace xmlsignature {
     {\r
         return new FilesystemCredentialResolver(e);\r
     }\r
+\r
+    KeyResolver* XMLTOOL_DLLLOCAL FilesystemKeyResolverFactory(const DOMElement* const & e)\r
+    {\r
+        return new FilesystemCredentialResolver(e);\r
+    }\r
 };\r
 \r
 static const XMLCh CAPath[] =           UNICODE_LITERAL_6(C,A,P,a,t,h);\r
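Review bot: `FilesystemKeyResolverFactory` returns the new object as a `KeyResolver*`, so it will eventually be deleted through that base, which is only well defined if `KeyResolver` declares a virtual destructor. That declaration is not visible in this diff, and the `virtual` added to `~FilesystemCredentialResolver` does not cover it on its own, so it is worth confirming in `signature/KeyResolver.h`. Because this builds the same object as the credential factory, the constructor presumably reads the same key file and password even when the resolver is used only for verification. A short comment such as `// Same object as the credential resolver; caller owns the result.` would make that explicit.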
@@ -100,7 +114,7 @@ static const XMLCh Key[] =              UNICODE_LITERAL_3(K,e,y);
 static const XMLCh password[] =         UNICODE_LITERAL_8(p,a,s,s,w,o,r,d);\r
 static const XMLCh Path[] =             UNICODE_LITERAL_4(P,a,t,h);\r
 \r
-FilesystemCredentialResolver::FilesystemCredentialResolver(const DOMElement* e)\r
+FilesystemCredentialResolver::FilesystemCredentialResolver(const DOMElement* e) : m_key(NULL)\r
 {\r
 #ifdef _DEBUG\r
     NDC ndc("FilesystemCredentialResolver");\r
@@ -399,6 +413,7 @@ XSECCryptoKey* FilesystemCredentialResolver::loadKey()
 \r
 FilesystemCredentialResolver::~FilesystemCredentialResolver()\r
 {\r
+    delete m_key;\r
     for_each(m_certs.begin(),m_certs.end(),X509_free);\r
     for_each(m_xseccerts.begin(),m_xseccerts.end(),xmltooling::cleanup<XSECCryptoX509>());\r
 }\r
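Review bot: With `delete m_key;` in the destructor the class now owns `m_key` through a raw pointer, but the class declaration shown in this commit does not disable copying. Unless a base class already forbids it (not visible here), a compiler-generated copy would leave two objects deleting the same key, and the same holds for the `m_certs` and `m_xseccerts` elements freed on the following lines. I would declare the copy operations private and leave them undefined in the class: `FilesystemCredentialResolver(const FilesystemCredentialResolver&);` and `FilesystemCredentialResolver& operator=(const FilesystemCredentialResolver&);`.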