xmltooling  3.3.0
xmltooling::BasicX509Credential Class Reference

Wraps an X.509-based Credential by storing key/cert objects inside.

#include <xmltooling/security/BasicX509Credential.h>

Inheritance: xmltooling::BasicX509Credential → xmltooling::X509Credential → xmltooling::Credential

Public Member Functions

unsigned int getUsage () const
 Get credential usage types.

const char * getAlgorithm () const
 Returns an algorithm identifier for the Credential.

unsigned int getKeySize () const
 Returns the size of the key in bits.

const XSECCryptoKey * getPrivateKey () const
 Returns a secret or private key to use for signing or decryption operations.

const XSECCryptoKey * getPublicKey () const
 Returns a secret or public key to use for verification or encryption operations.

const std::set< std::string > & getKeyNames () const
 Returns names representing the Credential.

xmlsignature::KeyInfo * getKeyInfo (bool compact=false) const
 Returns a ds:KeyInfo object representing the Credential for use in communicating with other entities.

const std::vector< XSECCryptoX509 * > & getEntityCertificateChain () const
 Gets an immutable collection of certificates in the entity's trust chain.

const std::vector< XSECCryptoX509CRL * > & getCRLs () const
 Gets an immutable collection of all CRLs associated with the credential.

const char * getSubjectName () const
 Gets the subject name of the first certificate in the chain.

const char * getIssuerName () const
 Gets the issuer name of the first certificate in the chain.

const char * getSerialNumber () const
 Gets the serial number of the first certificate in the chain.

void extract ()
 Extracts properties like issuer and subject from the first certificate in the chain.

Public Member Functions inherited from xmltooling::Credential
virtual const CredentialContext * getCredentialContext () const
 Get the credential context information, which provides additional information specific to the context in which the credential was resolved.
 

Protected Member Functions

 BasicX509Credential (bool ownCerts)
 Constructor.

 BasicX509Credential (XSECCryptoKey *key, const std::vector< XSECCryptoX509 *> &certs, XSECCryptoX509CRL *crl=0)
 Constructor.

 BasicX509Credential (XSECCryptoKey *key, const std::vector< XSECCryptoX509 *> &certs, const std::vector< XSECCryptoX509CRL *> &crls)
 Constructor.

void initKeyInfo (unsigned int types=0)
 Initializes (or reinitializes) a ds:KeyInfo to represent the Credential.
 

Protected Attributes

boost::scoped_ptr< XSECCryptoKey > m_key
 The private/secret key/keypair.

std::set< std::string > m_keyNames
 Key names (derived from credential, KeyInfo, or both).

std::string m_subjectName
 Subject DN.

std::string m_issuerName
 Issuer DN.

std::string m_serial
 Serial number.

std::vector< XSECCryptoX509 * > m_xseccerts
 The X.509 certificate chain.

bool m_ownCerts
 Indicates whether to destroy certificates.

std::vector< XSECCryptoX509CRL * > m_crls
 The X.509 CRLs.

boost::scoped_ptr< xmlsignature::KeyInfo > m_keyInfo
 The KeyInfo object representing the information.

boost::scoped_ptr< xmlsignature::KeyInfo > m_compactKeyInfo
 The KeyInfo object representing the information in compact form.
 

Additional Inherited Members

Public Types inherited from xmltooling::X509Credential
enum  ResolveTypes { RESOLVE_CERTS = 4, RESOLVE_CRLS = 8 }
 Bitmask constants for limiting resolution process inside a CredentialResolver.
 
enum  KeyInfoTypes { KEYINFO_X509_CERTIFICATE = 4, KEYINFO_X509_SUBJECTNAME = 8, KEYINFO_X509_ISSUERSERIAL = 16, KEYINFO_X509_DIGEST = 32 }
 Bitmask of supported KeyInfo content to generate.
 
Public Types inherited from xmltooling::Credential
enum  ResolveTypes { RESOLVE_KEYS = 1, RESOLVE_NAMES = 2 }
 Bitmask constants for limiting resolution process inside a CredentialResolver.
 
enum  UsageTypes { UNSPECIFIED_CREDENTIAL = 0, SIGNING_CREDENTIAL = 1, TLS_CREDENTIAL = 2, ENCRYPTION_CREDENTIAL = 4 }
 Bitmask of use cases for credentials.
 
enum  KeyInfoTypes { KEYINFO_KEY_VALUE = 1, KEYINFO_KEY_NAME = 2 }
 Bitmask of supported KeyInfo content to generate.
 

Detailed Description

Wraps an X.509-based Credential by storing key/cert objects inside.

Constructor & Destructor Documentation

◆ BasicX509Credential() [1/3]

xmltooling::BasicX509Credential::BasicX509Credential ( bool  ownCerts)
protected

Constructor.

Parameters
ownCerts  true iff any certificates subsequently stored should be freed by destructor

◆ BasicX509Credential() [2/3]

xmltooling::BasicX509Credential::BasicX509Credential ( XSECCryptoKey *  key,
const std::vector< XSECCryptoX509 *> &  certs,
XSECCryptoX509CRL *  crl = 0
)
protected

Constructor.

Parameters
key  key pair or secret key
certs  array of X.509 certificates, the first entry being the entity certificate
crl  optional CRL

◆ BasicX509Credential() [3/3]

xmltooling::BasicX509Credential::BasicX509Credential ( XSECCryptoKey *  key,
const std::vector< XSECCryptoX509 *> &  certs,
const std::vector< XSECCryptoX509CRL *> &  crls 
)
protected

Constructor.

Parameters
key  key pair or secret key
certs  array of X.509 certificates, the first entry being the entity certificate
crls  array of X.509 CRLs

Member Function Documentation

◆ getAlgorithm()

const char* xmltooling::BasicX509Credential::getAlgorithm ( ) const
virtual

Returns an algorithm identifier for the Credential.

Returns
the Credential algorithm, or nullptr if indeterminate

Implements xmltooling::Credential.

◆ getCRLs()

const std::vector<XSECCryptoX509CRL*>& xmltooling::BasicX509Credential::getCRLs ( ) const
virtual

Gets an immutable collection of all CRLs associated with the credential.

Returns
CRLs associated with the credential

Implements xmltooling::X509Credential.

◆ getEntityCertificateChain()

const std::vector<XSECCryptoX509*>& xmltooling::BasicX509Credential::getEntityCertificateChain ( ) const
virtual

Gets an immutable collection of certificates in the entity's trust chain.

The entity certificate is contained within this list. No specific ordering of the certificates is guaranteed.

Returns
a certificate chain

Implements xmltooling::X509Credential.

◆ getIssuerName()

const char* xmltooling::BasicX509Credential::getIssuerName ( ) const
virtual

Gets the issuer name of the first certificate in the chain.

Returns
the Issuer DN

Implements xmltooling::X509Credential.

◆ getKeyInfo()

xmlsignature::KeyInfo* xmltooling::BasicX509Credential::getKeyInfo ( bool  compact = false) const
virtual

Returns a ds:KeyInfo object representing the Credential for use in communicating with other entities.

Parameters
compact  true iff the communication medium is such that only compact forms should be included
Returns
a KeyInfo object, which must be freed by the caller

Implements xmltooling::Credential.

◆ getKeyNames()

const std::set<std::string>& xmltooling::BasicX509Credential::getKeyNames ( ) const
virtual

Returns names representing the Credential.

Names should be unique in the context of the comparisons against CredentialCriteria that deployments expect to see.

Returns
a sorted set of names

Implements xmltooling::Credential.

◆ getKeySize()

unsigned int xmltooling::BasicX509Credential::getKeySize ( ) const
virtual

Returns the size of the key in bits.

Returns
the key size, or 0 if indeterminate

Implements xmltooling::Credential.

◆ getPrivateKey()

const XSECCryptoKey* xmltooling::BasicX509Credential::getPrivateKey ( ) const
virtual

Returns a secret or private key to use for signing or decryption operations.

Returns
a secret or private key

Implements xmltooling::Credential.

◆ getPublicKey()

const XSECCryptoKey* xmltooling::BasicX509Credential::getPublicKey ( ) const
virtual

Returns a secret or public key to use for verification or encryption operations.

Returns
a secret or public key

Implements xmltooling::Credential.

◆ getSerialNumber()

const char* xmltooling::BasicX509Credential::getSerialNumber ( ) const
virtual

Gets the serial number of the first certificate in the chain.

Returns
the serial number

Implements xmltooling::X509Credential.

◆ getSubjectName()

const char* xmltooling::BasicX509Credential::getSubjectName ( ) const
virtual

Gets the subject name of the first certificate in the chain.

Returns
the Subject DN

Implements xmltooling::X509Credential.

◆ getUsage()

unsigned int xmltooling::BasicX509Credential::getUsage ( ) const
virtual

Get credential usage types.

Returns
the usage bitmask

Implements xmltooling::Credential.

◆ initKeyInfo()

void xmltooling::BasicX509Credential::initKeyInfo ( unsigned int  types = 0)
protected

Initializes (or reinitializes) a ds:KeyInfo to represent the Credential.

Parameters
types  the kinds of KeyInfo content to include

Member Data Documentation

◆ m_compactKeyInfo

boost::scoped_ptr<xmlsignature::KeyInfo> xmltooling::BasicX509Credential::m_compactKeyInfo
protected

The KeyInfo object representing the information in compact form.

◆ m_crls

std::vector<XSECCryptoX509CRL*> xmltooling::BasicX509Credential::m_crls
protected

The X.509 CRLs.

◆ m_issuerName

std::string xmltooling::BasicX509Credential::m_issuerName
protected

Issuer DN.

◆ m_key

boost::scoped_ptr<XSECCryptoKey> xmltooling::BasicX509Credential::m_key
protected

The private/secret key/keypair.

◆ m_keyInfo

boost::scoped_ptr<xmlsignature::KeyInfo> xmltooling::BasicX509Credential::m_keyInfo
protected

The KeyInfo object representing the information.

◆ m_keyNames

std::set<std::string> xmltooling::BasicX509Credential::m_keyNames
protected

Key names (derived from credential, KeyInfo, or both).

◆ m_ownCerts

bool xmltooling::BasicX509Credential::m_ownCerts
protected

Indicates whether to destroy certificates.

◆ m_serial

std::string xmltooling::BasicX509Credential::m_serial
protected

Serial number.

◆ m_subjectName

std::string xmltooling::BasicX509Credential::m_subjectName
protected

Subject DN.

◆ m_xseccerts

std::vector<XSECCryptoX509*> xmltooling::BasicX509Credential::m_xseccerts
protected

The X.509 certificate chain.


The documentation for this class was generated from the following file: