security/impl/AbstractPKIXTrustEngine.cpp \
security/impl/BasicX509Credential.cpp \
security/impl/ChainingTrustEngine.cpp \
- security/impl/Credential.cpp \
+ security/impl/CredentialCriteria.cpp \
security/impl/CredentialResolver.cpp \
security/impl/ExplicitKeyTrustEngine.cpp \
security/impl/FilesystemCredentialResolver.cpp \
/**
* @file xmltooling/security/CredentialCriteria.h
*
- * Class for specifying criteria by which a CredentialResolver should resolve credentials.
+ * Class for specifying criteria by which a CredentialResolver should resolve credentials.
*/
#if !defined(__xmltooling_credcrit_h__) && !defined(XMLTOOLING_NO_XMLSEC)
delete m_credential;
}
+ /**
+ * Determines whether the supplied Credential matches this CredentialCriteria.
+ *
+ * @param credential the Credential to evaluate
+ * @return true iff the Credential is consistent with this criteria
+ */
+ virtual bool matches(const Credential& credential) const;
+
enum UsageType {
UNSPECIFIED_CREDENTIAL,
SIGNING_CREDENTIAL,
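Review bot: The `@return` line on the new `matches()` declaration promises more than the implementation in CredentialCriteria.cpp delivers. The algorithm, key size, key name and public key checks are each skipped when the credential does not expose that attribute, so "true iff the Credential is consistent" reads as a positive match where the code only reports the absence of a conflict. I would word it as `@return true unless the Credential exposes a value that conflicts with this criteria; attributes the Credential does not expose are not checked`. Callers that use the result in a trust decision need that distinction spelled out in the header. The enclosing class starts and ends outside this hunk.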
*/
/**
- * Credential.cpp
+ * CredentialCriteria.cpp
*
- * Wraps keys and related functionality.
+ * Class for specifying criteria by which a CredentialResolver should resolve credentials.
*/
#include "internal.h"
using namespace xmltooling;
using namespace std;
-bool Credential::matches(const CredentialCriteria& criteria) const
+bool CredentialCriteria::matches(const Credential& credential) const
{
// Algorithm check, if specified and we have one.
- const char* alg = criteria.getKeyAlgorithm();
+ const char* alg = getKeyAlgorithm();
if (alg && *alg) {
- const char* alg2 = getAlgorithm();
+ const char* alg2 = credential.getAlgorithm();
if (alg2 && *alg2)
if (strcmp(alg,alg2))
return false;
}
// KeySize check, if specified and we have one.
- if (criteria.getKeySize()>0 && getKeySize()>0 && criteria.getKeySize() != getKeySize())
+ if (credential.getKeySize()>0 && getKeySize()>0 && credential.getKeySize() != getKeySize())
return false;
// See if we can test key names.
- const set<string>& critnames = criteria.getKeyNames();
- const set<string>& crednames = getKeyNames();
+ const set<string>& critnames = getKeyNames();
+ const set<string>& crednames = credential.getKeyNames();
if (!critnames.empty() && !crednames.empty()) {
bool found = false;
for (set<string>::const_iterator n = critnames.begin(); n!=critnames.end(); ++n) {
}
// See if we have to match a specific key.
- XSECCryptoKey* key1 = criteria.getPublicKey();
+ XSECCryptoKey* key1 = getPublicKey();
if (!key1)
return true; // no key to compare against, so we're done
- XSECCryptoKey* key2 = getPublicKey();
+ XSECCryptoKey* key2 = credential.getPublicKey();
if (!key2)
return true; // no key here, so we can't test it
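Review bot: The `if (!key2) return true;` branch lets a criteria that carries a specific public key accept a credential that exposes no public key at all, so the match succeeds without any key comparison having run. If that leniency is deliberate (for example for credentials that cannot surface their key), the comment should say that this is an accepted match rather than "we can't test it", and a debug-level log line here would make the skipped comparison visible in the field. If a supplied key is meant to be binding, the branch should be `if (!key2) return false;`, matching the fail-closed handling of the unsupported-key-type case further down. The body of `matches()` begins and continues outside this hunk, so the key-name loop and the actual key comparison are not fully visible here.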
return (BN_cmp(dsa1->pub_key,dsa2->pub_key) == 0);
}
- log4cpp::Category::getInstance(XMLTOOLING_LOGCAT".Credential").warn("unsupported key type for comparison");
+ log4cpp::Category::getInstance(XMLTOOLING_LOGCAT".CredentialCriteria").warn("unsupported key type for comparison");
return false;
}
void unlock() {}
const Credential* resolve(const CredentialCriteria* criteria=NULL) const {
- return (criteria ? (m_credential->matches(*criteria) ? m_credential : NULL) : m_credential);
+ return (criteria ? (criteria->matches(*m_credential) ? m_credential : NULL) : m_credential);
}
virtual vector<const Credential*>::size_type resolve(
vector<const Credential*>& results, const CredentialCriteria* criteria=NULL
) const {
- if (!criteria || m_credential->matches(*criteria)) {
+ if (!criteria || criteria->matches(*m_credential)) {
results.push_back(m_credential);
return 1;
}