1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
/*
* Copyright 2002-2005 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* XSEC
*
* XSECKeyInfoResolver := Virtual interface class for applications
* to map KeyInfo to keys
*
* Author(s): Berin Lautenbach
*
* $Id: XSECKeyInfoResolver.hpp 351207 2005-02-03 12:48:16Z milan $
*
*/
#ifndef XSECKEYINFORESOLVER_INCLUDE
#define XSECKEYINFORESOLVER_INCLUDE
#include <xsec/framework/XSECDefs.hpp>
#include <xsec/dsig/DSIGKeyInfoList.hpp>
#include <xsec/enc/XSECCryptoKey.hpp>
/**
* @ingroup interfaces
*/
/*\@{*/
/**
* @brief Interface class for providing keys to the library.
*
* The XSEC library does not perform actual mapping of KeyInfo
* elements to encryption keys. (In some cases a KeyInfo might
* not even be provided).
*
* This interface class allows the application to perform this
* key mapping and provision function. Applications can perform
* whatever steps are necessary to determine the appropriate key
* and what trust level it might have.
*
*/
class DSIG_EXPORT XSECKeyInfoResolver {
public :
/** @name Constructors and Destructors */
//@{
XSECKeyInfoResolver() {};
virtual ~XSECKeyInfoResolver() {};
//@}
/** @name Mandatory Interface Functions */
//@{
/**
* \brief Provide a key to the library
*
* The library will pass the KeyInfoList to the resolver
* which then needs to provide a key back to the library.
* The key may have absolutely no relationship to the KeyInfoList
* (which is only supposed to provide a hint).
*
* If no KeyInfo elements were provided in the Signature,
* NULL will be passed in.
*
* @param lst The list of KeyInfo elements from the signature
* @returns Either the appropriate key or NULL if none can be found
*/
virtual XSECCryptoKey * resolveKey(DSIGKeyInfoList * lst) = 0;
/**
* \brief Clone the resolver to be installed in a new object.
*
* When KeyInfoResolvers are passed into signatures and other
* objects, they are cloned and control of the original object
* is left with the caller.
*
*/
virtual XSECKeyInfoResolver * clone(void) const = 0;
//@}
/*\@}*/
};
#endif /* XSECKEYINFORESOLVER_INCLUDE */
|
