Refactor extraction of certificate details.
[shibboleth/xmltooling.git] / xmltooling / security / CredentialCriteria.h
index 44e9f4d..57fd628 100644 (file)
@@ -42,7 +42,7 @@ namespace xmltooling {
     {
         MAKE_NONCOPYABLE(CredentialCriteria);
     public:
-        CredentialCriteria() : m_keyUsage(UNSPECIFIED_CREDENTIAL), m_keySize(0), m_key(NULL),
+        CredentialCriteria() : m_keyUsage(Credential::UNSPECIFIED_CREDENTIAL), m_keySize(0), m_key(NULL),
             m_keyInfo(NULL), m_nativeKeyInfo(NULL), m_credential(NULL) {
         }
         virtual ~CredentialCriteria() {
@@ -56,29 +56,22 @@ namespace xmltooling {
          * @return true iff the Credential is consistent with this criteria
          */
         virtual bool matches(const Credential& credential) const;
-
-        enum UsageType {
-            UNSPECIFIED_CREDENTIAL,
-            SIGNING_CREDENTIAL,
-            TLS_CREDENTIAL,
-            ENCRYPTION_CREDENTIAL
-        };
-        
+       
         /**
-         * Get the key usage criteria.
+         * Get key usage criteria.
          * 
-         * @return the usage.
+         * @return the usage mask
          */
-        UsageType getUsage() const {
+        unsigned int getUsage() const {
             return m_keyUsage;
         }
     
         /**
-         * Set the key usage criteria.
+         * Set key usage criteria.
          * 
-         * @param usage the usage to set
+         * @param usage the usage mask to set
          */
-        void setUsage(UsageType usage) {
+        void setUsage(unsigned int usage) {
             m_keyUsage = usage;
         }
 
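Review bot: `setUsage(unsigned int usage)` now accepts an unconstrained mask, and the new doc says only "usage mask" without naming the constants it is built from; the removed `UsageType` enum used to document the valid values right here. The constructor hunk initialises with `Credential::UNSPECIFIED_CREDENTIAL`, so presumably the mask is composed of usage constants on `Credential`; suggest `@param usage the usage mask to set (bitwise OR of the Credential usage constants)` and the matching wording on `getUsage`. The blank line that replaces the enum also carries trailing whitespace.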
@@ -197,10 +190,13 @@ namespace xmltooling {
             m_key = key;
         }
 
+        /**
+         * Bitmask constants controlling the kinds of criteria set automatically
+         * based on a KeyInfo object.
+         */
         enum keyinfo_extraction_t {
             KEYINFO_EXTRACTION_KEY = 1,
-            KEYINFO_EXTRACTION_KEYNAMES = 2,
-            KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES = 4
+            KEYINFO_EXTRACTION_KEYNAMES = 2
         };
 
         /**
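Review bot: The new doc comment on keyinfo_extraction_t does not say that KEYINFO_EXTRACTION_KEYNAMES now also resolves certificates and merges names extracted from them (that is what the setKeyInfo hunk below does), which was previously the separately selectable KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES. Dropping that enumerator from a public header is a source-incompatible change for any caller still passing it, and nothing on the page records that. Suggest documenting the enumerator in place: `KEYINFO_EXTRACTION_KEYNAMES = 2   // KeyName elements plus names extracted from any certificate resolved from the KeyInfo`.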
@@ -226,17 +222,16 @@ namespace xmltooling {
                 return;
 
             int types = (extraction & KEYINFO_EXTRACTION_KEY) ? Credential::RESOLVE_KEYS : 0;
-            types |= (extraction & KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES) ? X509Credential::RESOLVE_CERTS : 0;
+            types |= (extraction & KEYINFO_EXTRACTION_KEYNAMES) ? X509Credential::RESOLVE_CERTS : 0;
             m_credential = XMLToolingConfig::getConfig().getKeyInfoResolver()->resolve(keyInfo,types);
 
             if (extraction & KEYINFO_EXTRACTION_KEY)
                 setPublicKey(m_credential->getPublicKey());
-            if (extraction & KEYINFO_EXTRACTION_KEYNAMES)
+            if (extraction & KEYINFO_EXTRACTION_KEYNAMES) {
+                X509Credential* xcred = dynamic_cast<X509Credential*>(m_credential);
+                if (xcred)
+                    xcred->extract();
                 m_keyNames.insert(m_credential->getKeyNames().begin(), m_credential->getKeyNames().end());
-            if (extraction & KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES) {
-                const X509Credential* xcred = dynamic_cast<const X509Credential*>(m_credential);
-                if (xcred && !xcred->getEntityCertificateChain().empty())
-                    X509Credential::extractNames(xcred->getEntityCertificateChain().front(), m_keyNames);
             }
         } 
 
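Review bot: `m_credential` as returned by `resolve()` is dereferenced on the following lines (`getPublicKey()`, `getKeyNames()`) with no null check; this predates the commit, but the new block adds another dereference path, so `if (!m_credential) return;` after the resolve would make the contract explicit (or a comment stating the resolver never returns NULL, if that is guaranteed). The dynamic_cast changed from const to non-const because `xcred->extract()` mutates the resolved credential; if the KeyInfoResolver can hand back a cached or shared object, that mutation is visible to other users of it, which should be confirmed against the resolver. The names merged into `m_keyNames` here come from whatever certificate the KeyInfo carries, and for the setSignature path that KeyInfo is peer-supplied, so they are untrusted matching criteria rather than a trust decision; a one-line comment to that effect would help the next reader. The same points apply to the identical setNativeKeyInfo hunk below.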
@@ -263,17 +258,16 @@ namespace xmltooling {
                 return;
 
             int types = (extraction & KEYINFO_EXTRACTION_KEY) ? Credential::RESOLVE_KEYS : 0;
-            types |= (extraction & KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES) ? X509Credential::RESOLVE_CERTS : 0;
+            types |= (extraction & KEYINFO_EXTRACTION_KEYNAMES) ? X509Credential::RESOLVE_CERTS : 0;
             m_credential = XMLToolingConfig::getConfig().getKeyInfoResolver()->resolve(keyInfo,types);
 
             if (extraction & KEYINFO_EXTRACTION_KEY)
                 setPublicKey(m_credential->getPublicKey());
-            if (extraction & KEYINFO_EXTRACTION_KEYNAMES)
+            if (extraction & KEYINFO_EXTRACTION_KEYNAMES) {
+                X509Credential* xcred = dynamic_cast<X509Credential*>(m_credential);
+                if (xcred)
+                    xcred->extract();
                 m_keyNames.insert(m_credential->getKeyNames().begin(), m_credential->getKeyNames().end());
-            if (extraction & KEYINFO_EXTRACTION_IMPLICIT_KEYNAMES) {
-                const X509Credential* xcred = dynamic_cast<const X509Credential*>(m_credential);
-                if (xcred && !xcred->getEntityCertificateChain().empty())
-                    X509Credential::extractNames(xcred->getEntityCertificateChain().front(), m_keyNames);
             }
         }
 
@@ -287,14 +281,14 @@ namespace xmltooling {
             setXMLAlgorithm(sig.getSignatureAlgorithm());
             xmlsignature::KeyInfo* k = sig.getKeyInfo();
             if (k)
-                return setKeyInfo(k,extraction);
+                return setKeyInfo(k, extraction);
             DSIGSignature* dsig = sig.getXMLSignature();
             if (dsig)
-                setNativeKeyInfo(dsig->getKeyInfoList(),extraction);
+                setNativeKeyInfo(dsig->getKeyInfoList(), extraction);
         }
 
     private:
-        UsageType m_keyUsage;
+        unsigned int m_keyUsage;
         unsigned int m_keySize;
         std::string m_peerName,m_keyAlgorithm;
         std::set<std::string> m_keyNames;