Convert usage bits to a mask.
authorcantor <cantor@de75baf8-a10c-0410-a50a-987c0e22f00f>
Wed, 17 Oct 2007 06:20:25 +0000 (06:20 +0000)
committercantor <cantor@de75baf8-a10c-0410-a50a-987c0e22f00f>
Wed, 17 Oct 2007 06:20:25 +0000 (06:20 +0000)
Enable usage constraints inside file resolver.

git-svn-id: https://svn.middleware.georgetown.edu/cpp-xmltooling/trunk@402 de75baf8-a10c-0410-a50a-987c0e22f00f

xmltooling/security/BasicX509Credential.h
xmltooling/security/Credential.h
xmltooling/security/CredentialCriteria.h
xmltooling/security/impl/CredentialCriteria.cpp
xmltooling/security/impl/FilesystemCredentialResolver.cpp

index f76465b..b398133 100644 (file)
@@ -84,7 +84,7 @@ namespace xmltooling {
     public:
         virtual ~BasicX509Credential();
         
-        UsageTypes getUsage() const {
+        unsigned int getUsage() const {
             return UNSPECIFIED_CREDENTIAL;
         }
         const char* getAlgorithm() const;
index 36c8b1a..02d4999 100644 (file)
@@ -62,21 +62,21 @@ namespace xmltooling {
         };
 
         /**
-         * Enumeration of use cases for credentials. 
+         * Bitmask of use cases for credentials. 
          */
         enum UsageTypes {
-            UNSPECIFIED_CREDENTIAL,
-            SIGNING_CREDENTIAL,
-            TLS_CREDENTIAL,
-            ENCRYPTION_CREDENTIAL
+            UNSPECIFIED_CREDENTIAL = 0,
+            SIGNING_CREDENTIAL = 1,
+            TLS_CREDENTIAL = 2,
+            ENCRYPTION_CREDENTIAL = 4
         };
         
         /**
-         * Get the credential usage type.
+         * Get credential usage types.
          * 
-         * @return the usage
+         * @return the usage bitmask
          */
-        virtual UsageTypes getUsage() const=0;
+        virtual unsigned int getUsage() const=0;
 
         /**
          * Returns an algorithm identifier for the Credential.
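Review bot: The `Bitmask of use cases for credentials.` comment and the `@return the usage bitmask` line never say what a zero mask means, and since UNSPECIFIED_CREDENTIAL = 0 cannot be tested with `&`, callers are likely to get it wrong. Suggest extending the enum comment to `Bitmask of use cases for credentials; values may be OR'd together. UNSPECIFIED_CREDENTIAL (0) means no declared restriction.` and the getUsage doc to `@return the usage bitmask, or UNSPECIFIED_CREDENTIAL (0) if the credential does not restrict its use`. Changing the return type from UsageTypes to unsigned int is needed to carry OR'd values, but a one-line comment saying so would stop a future cleanup from switching it back to the enum.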
index 2936f1a..8e40b9f 100644 (file)
@@ -58,20 +58,20 @@ namespace xmltooling {
         virtual bool matches(const Credential& credential) const;
        
         /**
-         * Get the key usage criteria.
+         * Get key usage criteria.
          * 
-         * @return the usage.
+         * @return the usage mask
          */
-        Credential::UsageTypes getUsage() const {
+        unsigned int getUsage() const {
             return m_keyUsage;
         }
     
         /**
-         * Set the key usage criteria.
+         * Set key usage criteria.
          * 
-         * @param usage the usage to set
+         * @param usage the usage mask to set
          */
-        void setUsage(Credential::UsageTypes usage) {
+        void setUsage(unsigned int usage) {
             m_keyUsage = usage;
         }
 
@@ -291,7 +291,7 @@ namespace xmltooling {
         }
 
     private:
-        Credential::UsageTypes m_keyUsage;
+        unsigned int m_keyUsage;
         unsigned int m_keySize;
         std::string m_peerName,m_keyAlgorithm;
         std::set<std::string> m_keyNames;
index b70227d..9d3cabd 100644 (file)
@@ -36,10 +36,10 @@ using namespace std;
 
 bool CredentialCriteria::matches(const Credential& credential) const
 {
-    // Usage check, if specified and we have one.
+    // Usage check, if specified and we have one, compare masks.
     if (getUsage() != Credential::UNSPECIFIED_CREDENTIAL) {
         if (credential.getUsage() != Credential::UNSPECIFIED_CREDENTIAL)
-            if (getUsage() != credential.getUsage())
+            if ((getUsage() & credential.getUsage()) == 0)
                 return false;
     }
 
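Review bot: The rewritten test on the `(getUsage() & credential.getUsage()) == 0` line makes a multi-bit criteria an any-of match, and the unchanged outer checks keep UNSPECIFIED_CREDENTIAL on either side as a wildcard, neither of which the one-line comment states. Replace it with a comment that pins the contract, e.g. `// Usage check: a criteria mask matches when it shares at least one bit with the credential's mask; UNSPECIFIED (0) on either side means "no constraint" and always matches.` The credential-side wildcard is pre-existing behaviour, but with masks it now also means a credential with no `use` setting satisfies a signing-only or encryption-only request, which callers relying on key separation should be told. The remainder of matches() lies outside this hunk.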
index 7bf0d0e..6fd9a48 100644 (file)
@@ -69,7 +69,7 @@ namespace xmltooling {
     {
     public:
         FilesystemCredential(FilesystemCredentialResolver* resolver, XSECCryptoKey* key, const std::vector<XSECCryptoX509*>& xseccerts)
-                : BasicX509Credential(key, xseccerts), m_resolver(resolver) {
+                : BasicX509Credential(key, xseccerts), m_resolver(resolver), m_usage(UNSPECIFIED_CREDENTIAL) {
             if (!m_xseccerts.empty())
                 extractNames(m_xseccerts.front(), m_keyNames);
             initKeyInfo();
@@ -77,12 +77,29 @@ namespace xmltooling {
         virtual ~FilesystemCredential() {
         }
 
+        unsigned int getUsage() const {
+            return m_usage;
+        }
+
+        void setUsage(const XMLCh* usage) {
+            if (usage && *usage) {
+                auto_ptr_char u(usage);
+                if (!strcmp(u.get(), "signing"))
+                    m_usage = SIGNING_CREDENTIAL | TLS_CREDENTIAL;
+                else if (!strcmp(u.get(), "TLS"))
+                    m_usage = TLS_CREDENTIAL;
+                else if (!strcmp(u.get(), "encryption"))
+                    m_usage = ENCRYPTION_CREDENTIAL;
+            }
+        }
+
         void addKeyNames(const DOMElement* e);
 
         void attach(SSL_CTX* ctx) const;
     
     private:
         FilesystemCredentialResolver* m_resolver;
+        unsigned int m_usage;
     };
 
 #if defined (_MSC_VER)
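Review bot: An unrecognized `use` value in setUsage (the if/else-if chain following `auto_ptr_char u(usage);`) is silently ignored, so a typo such as `use="signng"` leaves m_usage at UNSPECIFIED_CREDENTIAL and the credential then matches every usage — the restriction fails open. Add a final `else` branch that rejects the value, throwing the configuration exception this resolver already uses for bad settings (not visible in the hunk) or at minimum logging an error, so the operator learns the constraint did not take effect. The `"signing"` case also quietly grants TLS_CREDENTIAL; that is a defensible default but deserves a comment, e.g. `// "signing" keys are also usable for TLS; use "TLS" to restrict a key to TLS only`. The FilesystemCredential class header lies outside this hunk.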
@@ -147,6 +164,7 @@ namespace xmltooling {
     static const XMLCh Name[] =             UNICODE_LITERAL_4(N,a,m,e);
     static const XMLCh password[] =         UNICODE_LITERAL_8(p,a,s,s,w,o,r,d);
     static const XMLCh Path[] =             UNICODE_LITERAL_4(P,a,t,h);
+    static const XMLCh _use[] =             UNICODE_LITERAL_3(u,s,e);
 };
 
 FilesystemCredentialResolver::FilesystemCredentialResolver(const DOMElement* e) : m_credential(NULL)
@@ -181,6 +199,7 @@ FilesystemCredentialResolver::FilesystemCredentialResolver(const DOMElement* e)
     }
     
     const DOMElement* root=e;
+    const XMLCh* usage = root->getAttributeNS(NULL,_use);
 
     XSECCryptoKey* key=NULL;
     vector<XSECCryptoX509*> xseccerts;
@@ -261,6 +280,7 @@ FilesystemCredentialResolver::FilesystemCredentialResolver(const DOMElement* e)
     if (!e) {
         m_credential = new FilesystemCredential(this,key,xseccerts);
         m_credential->addKeyNames(keynode);
+        m_credential->setUsage(usage);
         return;
     }
     auto_ptr_char certpass(e->getAttributeNS(NULL,password));
@@ -425,6 +445,7 @@ FilesystemCredentialResolver::FilesystemCredentialResolver(const DOMElement* e)
         key = xseccerts.front()->clonePublicKey();
     m_credential = new FilesystemCredential(this, key, xseccerts);
     m_credential->addKeyNames(keynode);
+    m_credential->setUsage(usage);
 }
 
 XSECCryptoKey* FilesystemCredentialResolver::loadKey()