/*
 * The Apache Software License, Version 1.1
 *
 *
 * Copyright (c) 2002-2003 The Apache Software Foundation. All rights
 * reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. The end-user documentation included with the redistribution,
 *    if any, must include the following acknowledgment:
 *       "This product includes software developed by the
 *        Apache Software Foundation (http://www.apache.org/)."
 *    Alternately, this acknowledgment may appear in the software itself,
 *    if and wherever such third-party acknowledgments normally appear.
 *
 * 4. The names "<WebSig>" and "Apache Software Foundation" must
 *    not be used to endorse or promote products derived from this
 *    software without prior written permission. For written
 *    permission, please contact apache@apache.org.
 *
 * 5. Products derived from this software may not be called "Apache",
 *    nor may "Apache" appear in their name, without prior written
 *    permission of the Apache Software Foundation.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * ====================================================================
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of the Apache Software Foundation and was
 * originally based on software copyright (c) 2001, Institute for
 * Data Communications Systems, <http://www.nue.et-inf.uni-siegen.de/>.
 * The development of this software was partly funded by the European
 * Commission in the <WebSig> project in the ISIS Programme.
 * For more information on the Apache Software Foundation, please see
 * <http://www.apache.org/>.
 */

/*
 * XSEC
 *
 * DSIGKeyInfoX509 := A "Super" key that defines a certificate with a sub-key that defines
 *                    the signing key
 *
 * Author(s): Berin Lautenbach
 *
 * $ID$
 *
 * $LOG$ *
 */

#ifndef DSIGKEYINFOX509_INCLUDE
#define DSIGKEYINFOX509_INCLUDE

#include <xsec/utils/XSECSafeBuffer.hpp>
#include <xsec/dsig/DSIGKeyInfo.hpp>
#include <xsec/enc/XSECCryptoX509.hpp>

#include <vector>

XSEC_USING_XERCES(DOMElement);

/**
 * Key-info object for X509 data attached to a signature.
 *
 * Derives from DSIGKeyInfo and reports DSIGKeyInfo::KEYINFO_X509 as its type.
 * It exposes the name, issuer/serial, CRL, SKI, retrieval-URI and certificate
 * list fields through the accessors below, and offers setters for building a
 * new element.
 *
 * NOTE(review): every value exposed here comes from key-info content, which
 * for a loaded document is supplied by whoever produced that document. This
 * header declares no trust or chain validation, so callers must check any
 * certificate against their own trust anchors before relying on it to verify
 * a signature.
 *
 * NOTE(review): the class holds raw pointers and declares no copy constructor
 * or assignment operator here. Unless the base class forbids copying, a copy
 * would share those pointers -- confirm against DSIGKeyInfo and the
 * implementation.
 */
class DSIG_EXPORT DSIGKeyInfoX509 : public DSIGKeyInfo {

public:

	/**
	 * One certificate entry: the encoded text paired with the crypto object.
	 *
	 * NOTE(review): ownership of both pointers is not visible in this header;
	 * presumably the owning DSIGKeyInfoX509 releases them -- confirm in the
	 * implementation before freeing or retaining either pointer.
	 */
	struct X509Holder {

		const XMLCh			* mp_encodedX509;		// Base64 encoding
		XSECCryptoX509		* mp_cryptoX509;		// The certificate

	};

	// List of certificate entries; the unqualified vector is used when the
	// build defines XSEC_NO_NAMESPACES.
#if defined(XSEC_NO_NAMESPACES)
	typedef vector<X509Holder *>			X509ListType;
#else
	typedef std::vector<X509Holder *>		X509ListType;
#endif

	// Size type alias. Note that the certificate-list accessors declared below
	// use int, not size_type.
#if defined(XSEC_SIZE_T_IN_NAMESPACE_STD)
	typedef std::size_t		size_type;
#else
	typedef size_t			size_type;
#endif

	// ---- Constructors and destructor ----

	/**
	 * Construct from a signature and a DOM node.
	 *
	 * @param sig      the signature this key-info belongs to
	 * @param X509Data presumably the existing X509Data node that load() reads
	 *                 -- confirm in the implementation
	 */
	DSIGKeyInfoX509(DSIGSignature * sig, DOMNode *X509Data);

	/**
	 * Construct from a signature only, with no DOM node.
	 *
	 * Presumably used together with createBlankX509Data() when building a new
	 * element -- confirm in the implementation.
	 *
	 * @param sig the signature this key-info belongs to
	 */
	DSIGKeyInfoX509(DSIGSignature * sig);

	/**
	 * Destructor. What it releases is not visible in this header.
	 */
	virtual ~DSIGKeyInfoX509();

	// ---- Load and get functions ----

	/**
	 * Load this object; presumably reads the fields from the DOM node given to
	 * the constructor -- confirm in the implementation.
	 */
	virtual void load();

	/**
	 * @return the subject name string (may be NULL if unset -- TODO confirm)
	 */
	const XMLCh * getX509SubjectName(void);

	/**
	 * @return the key name; which value is used for X509 data is not visible
	 *         in this header
	 */
	const XMLCh * getKeyName(void);

	/**
	 * @return the issuer name string (may be NULL if unset -- TODO confirm)
	 */
	const XMLCh * getX509IssuerName(void);

	/**
	 * @return the issuer serial number string (may be NULL if unset -- TODO
	 *         confirm)
	 */
	const XMLCh * getX509IssuerSerialNumber(void);

	/**
	 * @return the CRL string (may be NULL if unset -- TODO confirm)
	 */
	const XMLCh * getX509CRL(void);

	/**
	 * @return the SKI string (may be NULL if unset -- TODO confirm)
	 */
	const XMLCh * getX509SKI(void);

	/**
	 * @return the raw retrieval URI string (may be NULL if unset -- TODO
	 *         confirm)
	 *
	 * NOTE(review): for a loaded document this URI is document-supplied; treat
	 * it as untrusted input before dereferencing it.
	 */
	const XMLCh * getRawRetrievalURI(void);

	/**
	 * @return the number of entries in the certificate list, as an int
	 */
	int getCertificateListSize(void);

	/**
	 * Fetch one entry from the certificate list.
	 *
	 * @param item index of the entry
	 * @return the certificate string for that entry
	 *
	 * NOTE(review): the index is a signed int and this header does not say what
	 * happens for a negative or out-of-range value. Check the index against
	 * getCertificateListSize() before calling, and confirm the bounds handling
	 * in the implementation.
	 */
	const XMLCh * getCertificateItem(int item);

	/**
	 * @return DSIGKeyInfo::KEYINFO_X509, identifying this as an X509 key-info
	 */
	virtual keyInfoType getKeyInfoType(void) {return DSIGKeyInfo::KEYINFO_X509;}

	// ---- Create and set functions ----

	/**
	 * Create an empty X509Data element.
	 *
	 * @return the new DOM element; ownership is not visible in this header
	 */
	DOMElement * createBlankX509Data(void);

	// NOTE(review): for the setters below, whether the string is copied or the
	// caller's pointer is retained is not visible here. The backing members
	// differ in constness (XMLCh * vs const XMLCh *), which may indicate
	// different ownership per field -- confirm before freeing caller buffers.

	/**
	 * Set the subject name.
	 * @param name the subject name string
	 */
	void setX509SubjectName(const XMLCh * name);

	/**
	 * Set the issuer name and serial number together.
	 * @param name   the issuer name string
	 * @param serial the serial number string
	 */
	void setX509IssuerSerial(const XMLCh * name, const XMLCh * serial);

	/**
	 * Set the CRL.
	 * @param crl the CRL string
	 */
	void setX509CRL(const XMLCh * crl);

	/**
	 * Set the SKI.
	 * @param ski the SKI string
	 */
	void setX509SKI(const XMLCh * ski);

	/**
	 * Set the raw retrieval URI.
	 * @param uri the URI string
	 */
	void setRawRetrievalURI(const XMLCh * uri);

	/**
	 * Append a certificate to the list.
	 * @param base64Certificate the certificate as a base64 string; whether it
	 *                          is parsed or validated at this point is not
	 *                          visible in this header
	 */
	void appendX509Certificate(const XMLCh * base64Certificate);


private:

	// Default constructor is private, so clients cannot create an instance
	// without a signature.
	DSIGKeyInfoX509();

	X509ListType		m_X509List;				// The X509 structures
	XMLCh 				* mp_X509IssuerName;	// Parameters from KeyInfo (not cert)
	const XMLCh 		* mp_X509SerialNumber;
	XMLCh 				* mp_X509SubjectName;
	const XMLCh			* mp_X509CRL;
	const XMLCh			* mp_X509SKI;
	XMLCh				* mp_rawRetrievalURI;

	// Text nodes holding information

	DOMNode				* mp_X509SubjectNameTextNode;
	DOMNode				* mp_X509IssuerNameTextNode;
	DOMNode				* mp_X509SerialNumberTextNode;
	DOMNode				* mp_X509CRLTextNode;
	DOMNode				* mp_X509SKITextNode;

};



#endif /* #define DSIGKEYINFOX509_INCLUDE */