2 * Copyright 2001-2009 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file xmltooling/security/KeyInfoResolver.h
20 * Resolves credentials from KeyInfo information.
23 #if !defined(__xmltooling_keyres_h__) && !defined(XMLTOOLING_NO_XMLSEC)
24 #define __xmltooling_keyres_h__
26 #include <xmltooling/base.h>
// Forward declarations only: every use of these types in this header is a
// pointer or reference parameter or return type, so complete definitions are
// not needed here.
// DSIGKeyInfoList is declared at global scope, outside both namespaces below;
// presumably it is the XML security library's KeyInfo list type, given the
// XMLTOOLING_NO_XMLSEC guard at the top of the file -- confirm.
28 class DSIGKeyInfoList;
// NOTE(review): the closing brace of namespace xmlsignature is not shown in
// this listing (the gutter jumps from 32 to 35).
30 namespace xmlsignature {
31 class XMLTOOL_API KeyInfo;
32 class XMLTOOL_API Signature;
35 namespace xmltooling {
37 class XMLTOOL_API Credential;
38 class XMLTOOL_API CredentialCriteria;
39 class XMLTOOL_API KeyInfoCredentialContext;
42 * Resolves credentials from KeyInfo information.
44 * <p>Credential-specific bitmasks can be provided to control what to resolve.
46 * <p>Implementations should only establish KeyNames on the basis of explicit names
47 * within the KeyInfo object, never by extracting names out of physical credentials
// Interface for turning KeyInfo content into a Credential. The three resolve()
// overloads marked "=0" are pure virtual, so this class cannot be instantiated
// directly; the Signature and CredentialCriteria overloads are declared
// non-virtual and are defined outside this header.
// NOTE(review): this listing skips lines (gutter numbers jump, e.g. 51 -> 55),
// and the comment delimiters, access specifiers and the closing brace are not
// shown, so member visibility cannot be confirmed from here.
// NOTE(review): nothing in this interface states that a returned credential has
// been validated. Key material carried in a KeyInfo comes from the document
// being processed, so callers should treat the result as a candidate key and
// establish trust in it separately -- confirm against the trust-evaluation code.
50 class XMLTOOL_API KeyInfoResolver {
// MAKE_NONCOPYABLE is defined elsewhere (presumably xmltooling/base.h) and
// presumably disables copy construction and assignment -- confirm.
51 MAKE_NONCOPYABLE(KeyInfoResolver);
// Virtual destructor, so an implementation can be destroyed through a
// KeyInfoResolver pointer.
55 virtual ~KeyInfoResolver();
58 * Returns a credential based on the supplied KeyInfo information.
59 * The caller must release the credential when done with it.
61 * @param keyInfo the key information
62 * @param types types of credentials to resolve, or 0 for any/all
63 * @return the resolved credential, or NULL
// Pure virtual. The result is a raw pointer that the caller owns and must
// release, and it may be NULL: check it before use, and treat NULL as "no
// usable key" rather than continuing without one.
65 virtual Credential* resolve(const xmlsignature::KeyInfo* keyInfo, int types=0) const=0;
68 * Returns a credential based on the supplied KeyInfo information.
69 * The caller must release the credential when done with it.
71 * @param keyInfo the key information
72 * @param types types of credentials to resolve, or 0 for any/all
73 * @return the resolved credential, or NULL
// Pure virtual. Same ownership and NULL contract as the overload above; the
// only visible difference is the input type, a non-const DSIGKeyInfoList
// pointer.
75 virtual Credential* resolve(DSIGKeyInfoList* keyInfo, int types=0) const=0;
78 * Returns a credential based on the KeyInfo information in the supplied
79 * context. The caller must release the credential when done with it.
81 * <p>The context object will be owned by the Credential and freed with it.
83 * @param context context containing the key information
84 * @param types types of credentials to resolve, or 0 for any/all
85 * @return the resolved credential, or NULL
// Pure virtual. Ownership of the context passes to the returned Credential, so
// the caller must not free the context after a successful call.
// NOTE(review): the text does not say who owns the context when NULL is
// returned -- confirm with the implementations to rule out a leak or a double
// free on the failure path.
87 virtual Credential* resolve(KeyInfoCredentialContext* context, int types=0) const=0;
90 * Returns a credential based on the supplied KeyInfo information.
91 * The caller must release the credential when done with it.
93 * @param sig signature containing the key information
94 * @param types types of credentials to resolve, or 0 for any/all
95 * @return the resolved credential, or NULL
// Non-virtual overload, defined outside this header; presumably it forwards
// the signature's key information to one of the virtual overloads -- confirm.
// Same ownership and NULL contract as above.
97 Credential* resolve(const xmlsignature::Signature* sig, int types=0) const;
100 * Returns a credential based on the KeyInfo information in the supplied
101 * criteria. The caller must release the credential when done with it.
103 * @param criteria criteria containing the key information
104 * @param types types of credentials to resolve, or 0 for any/all
105 * @return the resolved credential, or NULL
// Non-virtual overload, defined outside this header. The criteria are taken by
// const reference, so unlike the context overload no ownership is transferred.
107 Credential* resolve(const CredentialCriteria& criteria, int types=0) const;
111 * Registers KeyInfoResolver classes into the runtime.
// Declaration only; the definition is not in this header.
// NOTE(review): presumably this has to run during library initialization,
// before a resolver is requested by its type name -- confirm.
113 void XMLTOOL_API registerKeyInfoResolvers();
// Type-name string for the resolver that extracts key material by value from
// the KeyInfo itself.
// NOTE(review): that material originates in the document being processed, and
// nothing here indicates it is compared with trusted keys, so a credential from
// this resolver identifies a candidate key only -- confirm where trust in it is
// evaluated.
115 /** KeyInfoResolver based on extracting by value directly out of a KeyInfo */
116 #define INLINE_KEYINFO_RESOLVER "Inline"
119 #endif /* __xmltooling_keyres_h__ */