<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/> <meta http-equiv="X-UA-Compatible" content="IE=9"/> <meta name="generator" content="Doxygen 1.8.8"/> <title>xmltooling: xmltooling::ChainingTrustEngine Class Reference</title> <link href="tabs.css" rel="stylesheet" type="text/css"/> <script type="text/javascript" src="jquery.js"></script> <script type="text/javascript" src="dynsections.js"></script> <link href="navtree.css" rel="stylesheet" type="text/css"/> <script type="text/javascript" src="resize.js"></script> <script type="text/javascript" src="navtree.js"></script> <script type="text/javascript"> $(document).ready(initResizable); $(window).load(resizeHeight); </script> <link href="doxygen.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="top"><!-- do not remove this div, it is closed by doxygen! 
--> <div id="titlearea"> <table cellspacing="0" cellpadding="0"> <tbody> <tr style="height: 56px;"> <td style="padding-left: 0.5em;"> <div id="projectname">xmltooling  <span id="projectnumber">1.5.3</span> </div> </td> </tr> </tbody> </table> </div> <!-- end header part --> <!-- Generated by Doxygen 1.8.8 --> </div><!-- top --> <div id="side-nav" class="ui-resizable side-nav-resizable"> <div id="nav-tree"> <div id="nav-tree-contents"> <div id="nav-sync" class="sync"></div> </div> </div> <div id="splitbar" style="-moz-user-select:none;" class="ui-resizable-handle"> </div> </div> <script type="text/javascript"> $(document).ready(function(){initNavTree('a00016.html','');}); </script> <div id="doc-content"> <div class="header"> <div class="summary"> <a href="#pub-methods">Public Member Functions</a> | <a href="a00237.html">List of all members</a> </div> <div class="headertitle"> <div class="title">xmltooling::ChainingTrustEngine Class Reference</div> </div> </div><!--header--> <div class="contents"> <p><a class="el" href="a00060.html" title="Extended TrustEngine interface that adds validation of X.509 credentials using OpenSSL data types dir...">OpenSSLTrustEngine</a> that uses multiple engines in sequence. 
<a href="a00016.html#details">More...</a></p> <p><code>#include &lt;xmltooling/security/ChainingTrustEngine.h&gt;</code></p> <div class="dynheader"> Inheritance diagram for xmltooling::ChainingTrustEngine:</div> <div class="dyncontent"> <div class="center"> <img src="a00016.png" usemap="#xmltooling::ChainingTrustEngine_map" alt=""/> <map id="xmltooling::ChainingTrustEngine_map" name="xmltooling::ChainingTrustEngine_map"> <area href="a00078.html" title="TrustEngine interface that adds validation of digital signatures. " alt="xmltooling::SignatureTrustEngine" shape="rect" coords="0,112,194,136"/> <area href="a00060.html" title="Extended TrustEngine interface that adds validation of X.509 credentials using OpenSSL data types dir..." alt="xmltooling::OpenSSLTrustEngine" shape="rect" coords="204,112,398,136"/> <area href="a00090.html" title="Evaluates the trustworthiness and validity of security information against implementation-specific re..." alt="xmltooling::TrustEngine" shape="rect" coords="0,56,194,80"/> <area href="a00102.html" title="TrustEngine interface that adds validation of X.509 credentials. " alt="xmltooling::X509TrustEngine" shape="rect" coords="204,56,398,80"/> <area href="a00090.html" title="Evaluates the trustworthiness and validity of security information against implementation-specific re..." alt="xmltooling::TrustEngine" shape="rect" coords="204,0,398,24"/> </map> </div></div> <table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="pub-methods"></a> Public Member Functions</h2></td></tr> <tr class="memitem:a5a341bac6db378fab8d7b606e8f4923c"><td class="memItemLeft" align="right" valign="top"> </td><td class="memItemRight" valign="bottom"><a class="el" href="a00016.html#a5a341bac6db378fab8d7b606e8f4923c">ChainingTrustEngine</a> (const xercesc::DOMElement *e=0)</td></tr> <tr class="memdesc:a5a341bac6db378fab8d7b606e8f4923c"><td class="mdescLeft"> </td><td class="mdescRight">Constructor. 
<a href="#a5a341bac6db378fab8d7b606e8f4923c">More...</a><br /></td></tr> <tr class="separator:a5a341bac6db378fab8d7b606e8f4923c"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:a9a4d9765542403938844e64c388d74fd"><td class="memItemLeft" align="right" valign="top"><a class="anchor" id="a9a4d9765542403938844e64c388d74fd"></a> virtual </td><td class="memItemRight" valign="bottom"><a class="el" href="a00016.html#a9a4d9765542403938844e64c388d74fd">~ChainingTrustEngine</a> ()</td></tr> <tr class="memdesc:a9a4d9765542403938844e64c388d74fd"><td class="mdescLeft"> </td><td class="mdescRight">Destructor will delete any embedded engines. <br /></td></tr> <tr class="separator:a9a4d9765542403938844e64c388d74fd"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:a56afdcef0535c285e7b77db63313819d"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="a00016.html#a56afdcef0535c285e7b77db63313819d">addTrustEngine</a> (<a class="el" href="a00090.html">TrustEngine</a> *newEngine)</td></tr> <tr class="memdesc:a56afdcef0535c285e7b77db63313819d"><td class="mdescLeft"> </td><td class="mdescRight">Adds a trust engine for future calls. <a href="#a56afdcef0535c285e7b77db63313819d">More...</a><br /></td></tr> <tr class="separator:a56afdcef0535c285e7b77db63313819d"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:a62a0d411c4661df1873bca7a545b5719"><td class="memItemLeft" align="right" valign="top"><a class="el" href="a00090.html">TrustEngine</a> * </td><td class="memItemRight" valign="bottom"><a class="el" href="a00016.html#a62a0d411c4661df1873bca7a545b5719">removeTrustEngine</a> (<a class="el" href="a00090.html">TrustEngine</a> *oldEngine)</td></tr> <tr class="memdesc:a62a0d411c4661df1873bca7a545b5719"><td class="mdescLeft"> </td><td class="mdescRight">Removes a trust engine. 
<a href="#a62a0d411c4661df1873bca7a545b5719">More...</a><br /></td></tr> <tr class="separator:a62a0d411c4661df1873bca7a545b5719"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:a1cf359a4acda59b722c7eeca1709128d"><td class="memItemLeft" align="right" valign="top">bool </td><td class="memItemRight" valign="bottom"><a class="el" href="a00016.html#a1cf359a4acda59b722c7eeca1709128d">validate</a> (<a class="el" href="a00075.html">xmlsignature::Signature</a> &sig, const <a class="el" href="a00026.html">CredentialResolver</a> &credResolver, <a class="el" href="a00025.html">CredentialCriteria</a> *criteria=0) const </td></tr> <tr class="memdesc:a1cf359a4acda59b722c7eeca1709128d"><td class="mdescLeft"> </td><td class="mdescRight">Determines whether an XML signature is correct and valid with respect to the source of credentials supplied. <a href="#a1cf359a4acda59b722c7eeca1709128d">More...</a><br /></td></tr> <tr class="separator:a1cf359a4acda59b722c7eeca1709128d"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:a5fae687b73da045a2bf98b4d1a5ce2b0"><td class="memItemLeft" align="right" valign="top">bool </td><td class="memItemRight" valign="bottom"><a class="el" href="a00016.html#a5fae687b73da045a2bf98b4d1a5ce2b0">validate</a> (const XMLCh *sigAlgorithm, const char *sig, xmlsignature::KeyInfo *keyInfo, const char *in, unsigned int in_len, const <a class="el" href="a00026.html">CredentialResolver</a> &credResolver, <a class="el" href="a00025.html">CredentialCriteria</a> *criteria=0) const </td></tr> <tr class="memdesc:a5fae687b73da045a2bf98b4d1a5ce2b0"><td class="mdescLeft"> </td><td class="mdescRight">Determines whether a raw signature is correct and valid with respect to the source of credentials supplied. 
<a href="#a5fae687b73da045a2bf98b4d1a5ce2b0">More...</a><br /></td></tr> <tr class="separator:a5fae687b73da045a2bf98b4d1a5ce2b0"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:a70d090e043c2bc823f3c751da8a8e4cd"><td class="memItemLeft" align="right" valign="top">bool </td><td class="memItemRight" valign="bottom"><a class="el" href="a00016.html#a70d090e043c2bc823f3c751da8a8e4cd">validate</a> (XSECCryptoX509 *certEE, const std::vector< XSECCryptoX509 * > &certChain, const <a class="el" href="a00026.html">CredentialResolver</a> &credResolver, <a class="el" href="a00025.html">CredentialCriteria</a> *criteria=0) const </td></tr> <tr class="memdesc:a70d090e043c2bc823f3c751da8a8e4cd"><td class="mdescLeft"> </td><td class="mdescRight">Determines whether an X.509 credential is valid with respect to the source of credentials supplied. <a href="#a70d090e043c2bc823f3c751da8a8e4cd">More...</a><br /></td></tr> <tr class="separator:a70d090e043c2bc823f3c751da8a8e4cd"><td class="memSeparator" colspan="2"> </td></tr> <tr class="memitem:aaabe3924726190b710f6b730734f665d"><td class="memItemLeft" align="right" valign="top">bool </td><td class="memItemRight" valign="bottom"><a class="el" href="a00016.html#aaabe3924726190b710f6b730734f665d">validate</a> (X509 *certEE, STACK_OF(X509)*certChain, const <a class="el" href="a00026.html">CredentialResolver</a> &credResolver, <a class="el" href="a00025.html">CredentialCriteria</a> *criteria=0) const </td></tr> <tr class="memdesc:aaabe3924726190b710f6b730734f665d"><td class="mdescLeft"> </td><td class="mdescRight">Determines whether an X.509 credential is valid with respect to the source of credentials supplied. 
<a href="#aaabe3924726190b710f6b730734f665d">More...</a><br /></td></tr> <tr class="separator:aaabe3924726190b710f6b730734f665d"><td class="memSeparator" colspan="2"> </td></tr> <tr class="inherit_header pub_methods_a00090"><td colspan="2" onclick="javascript:toggleInherit('pub_methods_a00090')"><img src="closed.png" alt="-"/> Public Member Functions inherited from <a class="el" href="a00090.html">xmltooling::TrustEngine</a></td></tr> <tr class="memitem:af7ffc921deb3e4a1f11b9b3367b6384e inherit pub_methods_a00090"><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="a00090.html#af7ffc921deb3e4a1f11b9b3367b6384e">setKeyInfoResolver</a> (<a class="el" href="a00047.html">KeyInfoResolver</a> *keyInfoResolver)</td></tr> <tr class="memdesc:af7ffc921deb3e4a1f11b9b3367b6384e inherit pub_methods_a00090"><td class="mdescLeft"> </td><td class="mdescRight">Supplies a <a class="el" href="a00047.html" title="Resolves credentials from KeyInfo information. ">KeyInfoResolver</a> instance. 
<a href="#af7ffc921deb3e4a1f11b9b3367b6384e">More...</a><br /></td></tr> <tr class="separator:af7ffc921deb3e4a1f11b9b3367b6384e inherit pub_methods_a00090"><td class="memSeparator" colspan="2"> </td></tr> </table><table class="memberdecls"> <tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="inherited"></a> Additional Inherited Members</h2></td></tr> <tr class="inherit_header pro_methods_a00078"><td colspan="2" onclick="javascript:toggleInherit('pro_methods_a00078')"><img src="closed.png" alt="-"/> Protected Member Functions inherited from <a class="el" href="a00078.html">xmltooling::SignatureTrustEngine</a></td></tr> <tr class="memitem:ad7cb1d545f43072df24633f678eec458 inherit pro_methods_a00078"><td class="memItemLeft" align="right" valign="top"> </td><td class="memItemRight" valign="bottom"><a class="el" href="a00078.html#ad7cb1d545f43072df24633f678eec458">SignatureTrustEngine</a> (const xercesc::DOMElement *e=0)</td></tr> <tr class="memdesc:ad7cb1d545f43072df24633f678eec458 inherit pro_methods_a00078"><td class="mdescLeft"> </td><td class="mdescRight">Constructor. 
<a href="#ad7cb1d545f43072df24633f678eec458">More...</a><br /></td></tr> <tr class="separator:ad7cb1d545f43072df24633f678eec458 inherit pro_methods_a00078"><td class="memSeparator" colspan="2"> </td></tr> <tr class="inherit_header pro_methods_a00090"><td colspan="2" onclick="javascript:toggleInherit('pro_methods_a00090')"><img src="closed.png" alt="-"/> Protected Member Functions inherited from <a class="el" href="a00090.html">xmltooling::TrustEngine</a></td></tr> <tr class="memitem:a05fb4c107b0635caa4e3d57e3f8d6163 inherit pro_methods_a00090"><td class="memItemLeft" align="right" valign="top"> </td><td class="memItemRight" valign="bottom"><a class="el" href="a00090.html#a05fb4c107b0635caa4e3d57e3f8d6163">TrustEngine</a> (const xercesc::DOMElement *e=0)</td></tr> <tr class="memdesc:a05fb4c107b0635caa4e3d57e3f8d6163 inherit pro_methods_a00090"><td class="mdescLeft"> </td><td class="mdescRight">Constructor. <a href="#a05fb4c107b0635caa4e3d57e3f8d6163">More...</a><br /></td></tr> <tr class="separator:a05fb4c107b0635caa4e3d57e3f8d6163 inherit pro_methods_a00090"><td class="memSeparator" colspan="2"> </td></tr> <tr class="inherit_header pro_methods_a00060"><td colspan="2" onclick="javascript:toggleInherit('pro_methods_a00060')"><img src="closed.png" alt="-"/> Protected Member Functions inherited from <a class="el" href="a00060.html">xmltooling::OpenSSLTrustEngine</a></td></tr> <tr class="memitem:a5d92bd15f757b8828f7d48a13e864543 inherit pro_methods_a00060"><td class="memItemLeft" align="right" valign="top"> </td><td class="memItemRight" valign="bottom"><a class="el" href="a00060.html#a5d92bd15f757b8828f7d48a13e864543">OpenSSLTrustEngine</a> (const xercesc::DOMElement *e=0)</td></tr> <tr class="memdesc:a5d92bd15f757b8828f7d48a13e864543 inherit pro_methods_a00060"><td class="mdescLeft"> </td><td class="mdescRight">Constructor. 
<a href="#a5d92bd15f757b8828f7d48a13e864543">More...</a><br /></td></tr> <tr class="separator:a5d92bd15f757b8828f7d48a13e864543 inherit pro_methods_a00060"><td class="memSeparator" colspan="2"> </td></tr> <tr class="inherit_header pro_methods_a00102"><td colspan="2" onclick="javascript:toggleInherit('pro_methods_a00102')"><img src="closed.png" alt="-"/> Protected Member Functions inherited from <a class="el" href="a00102.html">xmltooling::X509TrustEngine</a></td></tr> <tr class="memitem:a7d17feb8f75d33a402da3bb92f1d9ecd inherit pro_methods_a00102"><td class="memItemLeft" align="right" valign="top"> </td><td class="memItemRight" valign="bottom"><a class="el" href="a00102.html#a7d17feb8f75d33a402da3bb92f1d9ecd">X509TrustEngine</a> (const xercesc::DOMElement *e=0)</td></tr> <tr class="memdesc:a7d17feb8f75d33a402da3bb92f1d9ecd inherit pro_methods_a00102"><td class="mdescLeft"> </td><td class="mdescRight">Constructor. <a href="#a7d17feb8f75d33a402da3bb92f1d9ecd">More...</a><br /></td></tr> <tr class="separator:a7d17feb8f75d33a402da3bb92f1d9ecd inherit pro_methods_a00102"><td class="memSeparator" colspan="2"> </td></tr> <tr class="inherit_header pro_attribs_a00090"><td colspan="2" onclick="javascript:toggleInherit('pro_attribs_a00090')"><img src="closed.png" alt="-"/> Protected Attributes inherited from <a class="el" href="a00090.html">xmltooling::TrustEngine</a></td></tr> <tr class="memitem:af84955e8dfd27a678070ab46902c9ee3 inherit pro_attribs_a00090"><td class="memItemLeft" align="right" valign="top"><a class="el" href="a00047.html">KeyInfoResolver</a> * </td><td class="memItemRight" valign="bottom"><a class="el" href="a00090.html#af84955e8dfd27a678070ab46902c9ee3">m_keyInfoResolver</a></td></tr> <tr class="memdesc:af84955e8dfd27a678070ab46902c9ee3 inherit pro_attribs_a00090"><td class="mdescLeft"> </td><td class="mdescRight">Custom <a class="el" href="a00047.html" title="Resolves credentials from KeyInfo information. ">KeyInfoResolver</a> instance. 
<a href="#af84955e8dfd27a678070ab46902c9ee3">More...</a><br /></td></tr> <tr class="separator:af84955e8dfd27a678070ab46902c9ee3 inherit pro_attribs_a00090"><td class="memSeparator" colspan="2"> </td></tr> </table> <a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2> <div class="textblock"><p><a class="el" href="a00060.html" title="Extended TrustEngine interface that adds validation of X.509 credentials using OpenSSL data types dir...">OpenSSLTrustEngine</a> that uses multiple engines in sequence. </p> </div><h2 class="groupheader">Constructor & Destructor Documentation</h2> <a class="anchor" id="a5a341bac6db378fab8d7b606e8f4923c"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">xmltooling::ChainingTrustEngine::ChainingTrustEngine </td> <td>(</td> <td class="paramtype">const xercesc::DOMElement * </td> <td class="paramname"><em>e</em> = <code>0</code></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Constructor. 
</p> <p>If a DOM is supplied, the following XML content is supported:</p> <ul> <li> &lt;<a class="el" href="a00090.html" title="Evaluates the trustworthiness and validity of security information against implementation-specific re...">TrustEngine</a>&gt; elements with a type attribute </li> </ul> <p>XML namespaces are ignored in the processing of this content.</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">e</td><td>DOM to supply configuration for provider </td></tr> </table> </dd> </dl> </div> </div> <h2 class="groupheader">Member Function Documentation</h2> <a class="anchor" id="a56afdcef0535c285e7b77db63313819d"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname">void xmltooling::ChainingTrustEngine::addTrustEngine </td> <td>(</td> <td class="paramtype"><a class="el" href="a00090.html">TrustEngine</a> * </td> <td class="paramname"><em>newEngine</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Adds a trust engine for future calls. </p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">newEngine</td><td>trust engine to add </td></tr> </table> </dd> </dl> </div> </div> <a class="anchor" id="a62a0d411c4661df1873bca7a545b5719"></a> <div class="memitem"> <div class="memproto"> <table class="memname"> <tr> <td class="memname"><a class="el" href="a00090.html">TrustEngine</a>* xmltooling::ChainingTrustEngine::removeTrustEngine </td> <td>(</td> <td class="paramtype"><a class="el" href="a00090.html">TrustEngine</a> * </td> <td class="paramname"><em>oldEngine</em></td><td>)</td> <td></td> </tr> </table> </div><div class="memdoc"> <p>Removes a trust engine. 
</p> <p>The caller must delete the engine if necessary.</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">oldEngine</td><td>trust engine to remove </td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>the old engine </dd></dl> </div> </div> <a class="anchor" id="a1cf359a4acda59b722c7eeca1709128d"></a> <div class="memitem"> <div class="memproto"> <table class="mlabels"> <tr> <td class="mlabels-left"> <table class="memname"> <tr> <td class="memname">bool xmltooling::ChainingTrustEngine::validate </td> <td>(</td> <td class="paramtype"><a class="el" href="a00075.html">xmlsignature::Signature</a> & </td> <td class="paramname"><em>sig</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const <a class="el" href="a00026.html">CredentialResolver</a> & </td> <td class="paramname"><em>credResolver</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype"><a class="el" href="a00025.html">CredentialCriteria</a> * </td> <td class="paramname"><em>criteria</em> = <code>0</code> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td> const</td> </tr> </table> </td> <td class="mlabels-right"> <span class="mlabels"><span class="mlabel">virtual</span></span> </td> </tr> </table> </div><div class="memdoc"> <p>Determines whether an XML signature is correct and valid with respect to the source of credentials supplied. </p> <p>It is the responsibility of the application to ensure that the credentials supplied are in fact associated with the peer who created the signature.</p> <p>If criteria with a peer name are supplied, the "name" of the <a class="el" href="a00023.html" title="Wraps keys and related functionality. ">Credential</a> that verifies the signature may also be checked to ensure that it identifies the intended peer. The peer name itself or implementation-specific rules based on the content of the peer credentials may be applied. 
Implementations may omit this check if they deem it unnecessary.</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">sig</td><td>reference to a signature object to validate </td></tr> <tr><td class="paramname">credResolver</td><td>a locked resolver to supply trusted peer credentials to the <a class="el" href="a00090.html" title="Evaluates the trustworthiness and validity of security information against implementation-specific re...">TrustEngine</a> </td></tr> <tr><td class="paramname">criteria</td><td>criteria for selecting peer credentials </td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>true iff the signature validates </dd></dl> <p>Implements <a class="el" href="a00078.html#a74f1ac60bf084669bee5fa5e05a3800d">xmltooling::SignatureTrustEngine</a>.</p> </div> </div> <a class="anchor" id="a5fae687b73da045a2bf98b4d1a5ce2b0"></a> <div class="memitem"> <div class="memproto"> <table class="mlabels"> <tr> <td class="mlabels-left"> <table class="memname"> <tr> <td class="memname">bool xmltooling::ChainingTrustEngine::validate </td> <td>(</td> <td class="paramtype">const XMLCh * </td> <td class="paramname"><em>sigAlgorithm</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>sig</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">xmlsignature::KeyInfo * </td> <td class="paramname"><em>keyInfo</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const char * </td> <td class="paramname"><em>in</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">unsigned int </td> <td class="paramname"><em>in_len</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const <a class="el" href="a00026.html">CredentialResolver</a> & </td> <td class="paramname"><em>credResolver</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> 
<td class="paramtype"><a class="el" href="a00025.html">CredentialCriteria</a> * </td> <td class="paramname"><em>criteria</em> = <code>0</code> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td> const</td> </tr> </table> </td> <td class="mlabels-right"> <span class="mlabels"><span class="mlabel">virtual</span></span> </td> </tr> </table> </div><div class="memdoc"> <p>Determines whether a raw signature is correct and valid with respect to the source of credentials supplied. </p> <p>It is the responsibility of the application to ensure that the Credentials supplied are in fact associated with the peer who created the signature.</p> <p>If criteria with a peer name are supplied, the "name" of the <a class="el" href="a00023.html" title="Wraps keys and related functionality. ">Credential</a> that verifies the signature may also be checked to ensure that it identifies the intended peer. The peer name itself or implementation-specific rules based on the content of the peer credentials may be applied. Implementations may omit this check if they deem it unnecessary.</p> <p>Note that the keyInfo parameter is not part of the implicitly trusted set of information supplied via the <a class="el" href="a00026.html" title="An API for resolving keys and certificates based on application criteria. 
">CredentialResolver</a>, but rather advisory data that may have accompanied the signature itself.</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">sigAlgorithm</td><td>XML Signature identifier for the algorithm used </td></tr> <tr><td class="paramname">sig</td><td>null-terminated base64-encoded signature value </td></tr> <tr><td class="paramname">keyInfo</td><td>KeyInfo object accompanying the signature, if any </td></tr> <tr><td class="paramname">in</td><td>the input data over which the signature was created </td></tr> <tr><td class="paramname">in_len</td><td>size of input data in bytes </td></tr> <tr><td class="paramname">credResolver</td><td>a locked resolver to supply trusted peer credentials to the <a class="el" href="a00090.html" title="Evaluates the trustworthiness and validity of security information against implementation-specific re...">TrustEngine</a> </td></tr> <tr><td class="paramname">criteria</td><td>criteria for selecting peer credentials </td></tr> </table> </dd> </dl> <dl class="section return"><dt>Returns</dt><dd>true iff the signature validates </dd></dl> <p>Implements <a class="el" href="a00078.html#af938a253aaf7838aa6cc55ebbbab8395">xmltooling::SignatureTrustEngine</a>.</p> </div> </div> <a class="anchor" id="a70d090e043c2bc823f3c751da8a8e4cd"></a> <div class="memitem"> <div class="memproto"> <table class="mlabels"> <tr> <td class="mlabels-left"> <table class="memname"> <tr> <td class="memname">bool xmltooling::ChainingTrustEngine::validate </td> <td>(</td> <td class="paramtype">XSECCryptoX509 * </td> <td class="paramname"><em>certEE</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const std::vector< XSECCryptoX509 * > & </td> <td class="paramname"><em>certChain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const <a class="el" href="a00026.html">CredentialResolver</a> & </td> <td class="paramname"><em>credResolver</em>, </td> 
</tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype"><a class="el" href="a00025.html">CredentialCriteria</a> * </td> <td class="paramname"><em>criteria</em> = <code>0</code> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td> const</td> </tr> </table> </td> <td class="mlabels-right"> <span class="mlabels"><span class="mlabel">virtual</span></span> </td> </tr> </table> </div><div class="memdoc"> <p>Determines whether an X.509 credential is valid with respect to the source of credentials supplied. </p> <p>It is the responsibility of the application to ensure that the credentials supplied are in fact associated with the peer who presented the credential.</p> <p>If criteria with a peer name are supplied, the "name" of the EE certificate may also be checked to ensure that it identifies the intended peer. The peer name itself or implementation-specific rules based on the content of the peer credentials may be applied. Implementations may omit this check if they deem it unnecessary.</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">certEE</td><td>end-entity certificate to validate </td></tr> <tr><td class="paramname">certChain</td><td>the complete set of certificates presented for validation (includes certEE) </td></tr> <tr><td class="paramname">credResolver</td><td>a locked resolver to supply trusted peer credentials to the <a class="el" href="a00090.html" title="Evaluates the trustworthiness and validity of security information against implementation-specific re...">TrustEngine</a> </td></tr> <tr><td class="paramname">criteria</td><td>criteria for selecting peer credentials </td></tr> </table> </dd> </dl> <p>Implements <a class="el" href="a00102.html#a8435cfccb28cfe7c24d81deb00033e72">xmltooling::X509TrustEngine</a>.</p> </div> </div> <a class="anchor" id="aaabe3924726190b710f6b730734f665d"></a> <div class="memitem"> <div class="memproto"> <table class="mlabels"> <tr> <td class="mlabels-left"> <table 
class="memname"> <tr> <td class="memname">bool xmltooling::ChainingTrustEngine::validate </td> <td>(</td> <td class="paramtype">X509 * </td> <td class="paramname"><em>certEE</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">STACK_OF(X509)* </td> <td class="paramname"><em>certChain</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype">const <a class="el" href="a00026.html">CredentialResolver</a> & </td> <td class="paramname"><em>credResolver</em>, </td> </tr> <tr> <td class="paramkey"></td> <td></td> <td class="paramtype"><a class="el" href="a00025.html">CredentialCriteria</a> * </td> <td class="paramname"><em>criteria</em> = <code>0</code> </td> </tr> <tr> <td></td> <td>)</td> <td></td><td> const</td> </tr> </table> </td> <td class="mlabels-right"> <span class="mlabels"><span class="mlabel">virtual</span></span> </td> </tr> </table> </div><div class="memdoc"> <p>Determines whether an X.509 credential is valid with respect to the source of credentials supplied. </p> <p>It is the responsibility of the application to ensure that the credentials supplied are in fact associated with the peer who presented the credential.</p> <p>If criteria with a peer name are supplied, the "name" of the EE certificate may also be checked to ensure that it identifies the intended peer. The peer name itself or implementation-specific rules based on the content of the peer credentials may be applied. 
Implementations may omit this check if they deem it unnecessary.</p> <dl class="params"><dt>Parameters</dt><dd> <table class="params"> <tr><td class="paramname">certEE</td><td>end-entity certificate to validate </td></tr> <tr><td class="paramname">certChain</td><td>the complete set of certificates presented for validation (includes certEE) </td></tr> <tr><td class="paramname">credResolver</td><td>a locked resolver to supply trusted peer credentials to the <a class="el" href="a00090.html" title="Evaluates the trustworthiness and validity of security information against implementation-specific re...">TrustEngine</a> </td></tr> <tr><td class="paramname">criteria</td><td>criteria for selecting peer credentials </td></tr> </table> </dd> </dl> <p>Implements <a class="el" href="a00060.html#a708542da5b9283fdbf5eca327804ca55">xmltooling::OpenSSLTrustEngine</a>.</p> </div> </div> <hr/>The documentation for this class was generated from the following file:<ul> <li>xmltooling/security/<a class="el" href="a00151.html">ChainingTrustEngine.h</a></li> </ul> </div><!-- contents --> </div><!-- doc-content --> <!-- start footer part --> <div id="nav-path" class="navpath"><!-- id is needed for treeview function! --> <ul> <li class="footer">Generated on Fri Oct 17 2014 12:44:58 for xmltooling by <a href="http://www.doxygen.org/index.html"> <img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.8.8 </li> </ul> </div> </body> </html>
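The chaining and ownership behaviour documented for xmltooling::ChainingTrustEngine above, as an added self-contained C++ model; it is not xmltooling code, and ModelCredential, ModelEngine, IssuerEngine, ModelChain and the sample values are hypothetical. It assumes the chain accepts as soon as any member engine accepts, and shows that a member which omits the optional peer-name check then decides the outcome for the whole chain.

```cpp
#include <algorithm>
#include <iostream>
#include <string>
#include <vector>

// Constructed stand-in for a presented credential; not an xmltooling type.
struct ModelCredential {
    std::string issuer;  // who vouches for the key
    std::string name;    // peer name carried by the credential
};

static int g_liveEngines = 0;  // engines currently allocated, to show ownership

// Hypothetical engine interface; an empty peerName means "no criteria supplied".
struct ModelEngine {
    ModelEngine() { ++g_liveEngines; }
    virtual ~ModelEngine() { --g_liveEngines; }
    virtual bool validate(const ModelCredential& c, const std::string& peerName) const = 0;
};

// checksName=false models an engine that omits the optional peer-name check.
struct IssuerEngine : ModelEngine {
    std::string trustedIssuer;
    bool checksName;
    IssuerEngine(const std::string& issuer, bool checks)
        : trustedIssuer(issuer), checksName(checks) {}
    bool validate(const ModelCredential& c, const std::string& peerName) const override {
        if (c.issuer != trustedIssuer) return false;
        return !checksName || peerName.empty() || c.name == peerName;
    }
};

// Model of the chain: owns its engines and tries them in insertion order.
class ModelChain {
    std::vector<ModelEngine*> engines_;
public:
    ModelChain() {}
    ModelChain(const ModelChain&) = delete;
    ModelChain& operator=(const ModelChain&) = delete;
    ~ModelChain() { for (ModelEngine* e : engines_) delete e; }  // deletes embedded engines
    void addTrustEngine(ModelEngine* e) { engines_.push_back(e); }
    // Hands the engine back; from here on the caller must delete it.
    ModelEngine* removeTrustEngine(ModelEngine* e) {
        auto it = std::find(engines_.begin(), engines_.end(), e);
        if (it == engines_.end()) return nullptr;
        engines_.erase(it);
        return e;
    }
    // Assumed semantics: the first engine that accepts decides; reject only if all reject.
    bool validate(const ModelCredential& c, const std::string& peerName) const {
        for (const ModelEngine* e : engines_)
            if (e->validate(c, peerName)) return true;
        return false;
    }
};

// Constructed sample: issued by the trusted CA, but named for a different peer.
static const ModelCredential kWrongPeer = {"CN=Example CA", "idp.other.example"};
static const char* const kExpectedPeer = "idp.expected.example";

// A chain whose only engine checks the peer name rejects the wrong peer.
bool strictChainAccepts() {
    ModelChain chain;
    chain.addTrustEngine(new IssuerEngine("CN=Example CA", true));
    return chain.validate(kWrongPeer, kExpectedPeer);
}

// Adding an engine that skips the name check makes the same chain accept it.
bool mixedChainAccepts() {
    ModelChain chain;
    chain.addTrustEngine(new IssuerEngine("CN=Example CA", true));
    chain.addTrustEngine(new IssuerEngine("CN=Example CA", false));
    return chain.validate(kWrongPeer, kExpectedPeer);
}

// Removing the permissive engine restores rejection; the caller deletes what it removed.
bool removalRestoresRejection() {
    bool rejected = false;
    {
        ModelChain chain;
        ModelEngine* loose = new IssuerEngine("CN=Example CA", false);
        chain.addTrustEngine(new IssuerEngine("CN=Example CA", true));
        chain.addTrustEngine(loose);
        ModelEngine* removed = chain.removeTrustEngine(loose);
        rejected = !chain.validate(kWrongPeer, kExpectedPeer);
        delete removed;  // no longer deleted by the chain's destructor
    }
    return rejected && g_liveEngines == 0;
}

int main() {
    std::cout << "strict chain accepts wrong peer: " << strictChainAccepts() << "\n"
              << "mixed chain accepts wrong peer:  " << mixedChainAccepts() << "\n"
              << "removal restores rejection:      " << removalRestoresRejection() << "\n";
    return 0;
}
```

When reviewing a chained configuration, audit each member engine's name-checking and trust-anchor policy separately, since under these semantics the most permissive member sets the effective policy.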