+/*\r
+ * Copyright 2001-2006 Internet2\r
+ * \r
+ * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * you may not use this file except in compliance with the License.\r
+ * You may obtain a copy of the License at\r
+ *\r
+ * http://www.apache.org/licenses/LICENSE-2.0\r
+ *\r
+ * Unless required by applicable law or agreed to in writing, software\r
+ * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * See the License for the specific language governing permissions and\r
+ * limitations under the License.\r
+ */\r
+\r
+/**\r
+ * @file CredentialResolver.h\r
+ * \r
+ * Provides access to keys and certificates.\r
+ */\r
+\r
+#if !defined(__xmltooling_credres_h__) && !defined(XMLTOOLING_NO_XMLSEC)\r
+#define __xmltooling_credres_h__\r
+\r
+#include <xmltooling/Lockable.h>\r
+\r
+#include <vector>\r
+#include <xsec/enc/XSECCryptoKey.hpp>\r
+#include <xsec/enc/XSECCryptoX509.hpp>\r
+\r
+namespace xmltooling {\r
+\r
+ /**\r
+ * An abstract interface to credential formats like files, keystores, hardware tokens, etc.\r
+ * All non-const methods require that the interface be locked.\r
+ */\r
+ class XMLTOOL_API CredentialResolver : public virtual Lockable\r
+ {\r
+ MAKE_NONCOPYABLE(CredentialResolver);\r
+ public:\r
+ virtual ~CredentialResolver() {}\r
+\r
+ /**\r
+ * Returns an identifier for the credential.\r
+ * \r
+ * @return the identifier\r
+ */\r
+ virtual const char* getId() const=0;\r
+\r
+ /**\r
+ * Gets the public key associated with the credential.\r
+ * The caller <strong>MUST NOT</strong> modify the object.\r
+ * \r
+ * @return the public key, or NULL\r
+ */\r
+ virtual XSECCryptoKey* getPublicKey()=0;\r
+\r
+ /**\r
+ * Gets the private key associated with the credential.\r
+ * The caller <strong>MUST NOT</strong> modify the object.\r
+ * \r
+ * @return the private key, or NULL\r
+ */\r
+ virtual XSECCryptoKey* getPrivateKey()=0;\r
+\r
+ /**\r
+ * Gets the certificate chain associated with the credential.\r
+ * The caller <strong>MUST NOT</strong> modify the objects.\r
+ * The EE certificate <strong>MUST</strong> be first.\r
+ * \r
+ * @return a chain of certificates, or NULL\r
+ */\r
+ virtual const std::vector<XSECCryptoX509*>* getX509Certificates()=0;\r
+ \r
+ protected:\r
+ CredentialResolver() {}\r
+ };\r
+\r
+};\r
+\r
+#endif /* __xmltooling_credres_h__ */\r
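Review bot: The doc comments on `getPublicKey()`, `getPrivateKey()` and `getX509Certificates()` tell the caller not to modify the returned objects, but none of them says who owns those objects or how long the pointers stay valid, and the non-const `XSECCryptoKey*` return type does not enforce the rule. This matters most for the private key: a caller that passes the pointer to an API which takes ownership of its key argument (as some xml-security-c setters appear to do) would free the resolver's key. A caller that keeps the pointer after unlocking could also be left with a dangling pointer if an implementation reloads its credentials. I would add to each comment something like `The resolver retains ownership and the pointer is valid only while the lock is held; callers MUST NOT delete it and should clone() the key before passing it to code that takes ownership.` Returning `const XSECCryptoKey*` would let the compiler enforce the no-modify part, if the intended callers can work with a const key.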