XML Security Library


Aleksey Sanin

Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are preserved on all copies.

Permission is granted to copy and distribute modified versions of this manual under the conditions for verbatim copying, provided also that the entire resulting derived work is distributed under the terms of a permission notice identical to this one.

Permission is granted to copy and distribute translations of this manual into another language, under the above conditions for modified versions.

Abstract

This manual documents the interfaces of the xmlsec library and has some short notes to help get you up to speed with using the library.


I. XML Security Library Tutorial
Overview.
XML Security Library Structure.
Building the application with XML Security Library.
Overview.
Include files.
Compiling and linking on Unix.
Compiling and linking on Windows.
Compiling and linking on other systems.
Initialization and shutdown.
Signing and encrypting documents.
Overview.
Signing a document.
Encrypting data.
Creating dynamic templates.
Overview.
Creating dynamic signature templates.
Creating dynamic encryption templates.
Verifying and decrypting documents.
Overview.
Verifying a signed document.
Decrypting an encrypted document.
Keys.
Keys manager.
Overview.
Simple keys store.
Using keys manager for signatures/encryption.
Using keys manager for verification/decryption.
Implementing a custom keys store.
Using X509 Certificates.
Overview.
Signing data with X509 certificate.
Verifying document signed with X509 certificates.
Transforms and transforms chain.
Using context objects.
Adding support for new cryptographic library.
Overview.
Creating a framework from the skeleton.
xmlSecCryptoApp* functions.
Klasses and objects.
Cryptographic transforms.
Keys data and keys data stores.
Default keys manager.
Sharing the results.
Examples.
XML Security Library Examples.
Signing a template file.
sign1.c
sign1-tmpl.xml
sign1-res.xml
Signing a dynamically created template.
sign2.c
sign2-doc.xml
sign2-res.xml
Signing with X509 certificate.
sign3.c
sign3-doc.xml
sign3-res.xml
Verifying a signature with a single key.
verify1.c
Verifying a signature with keys manager.
verify2.c
Verifying a signature with X509 certificates.
verify3.c
Verifying a signature with additional restrictions.
verify4.c
verify4-tmpl.xml
verify4-res.xml
verify4-bad-tmpl.xml
verify4-bad-res.xml
Encrypting data with a template file.
encrypt1.c
encrypt1-tmpl.xml
encrypt1-res.xml
Encrypting data with a dynamically created template.
encrypt2.c
encrypt2-doc.xml
encrypt2-res.xml
Encrypting data with a session key.
encrypt3.c
encrypt3-doc.xml
encrypt3-res.xml
Decrypting data with a single key.
decrypt1.c
Decrypting data with keys manager.
decrypt2.c
Writing a custom keys manager.
decrypt3.c
APPENDIX A. XML Security Library Signature Klasses.
APPENDIX B. XML Security Library Encryption Klasses.
II. XML Security Library API Reference.
XML Security Core Library API Reference.
app — Crypto-engine independent application support functions.
base64 — Base64 encoding/decoding functions and base64 transform implementation.
bn — Big numbers support functions.
buffer — Binary memory buffer functions.
dl — Dynamic crypto-engine library loading functions.
errors — Error reporting and logging functions.
io — Input/output functions.
keyinfo — <dsig:KeyInfo/> node parser functions.
keysdata — Crypto key data object functions.
keys — Crypto key object functions.
keysmngr — Keys manager object functions.
list — Generic list structure functions.
membuf — Memory buffer transform functions.
nodeset — XML nodes set functions.
parser — XML parser functions and the XML parser transform implementation.
templates — XML signature and encryption template functions.
transforms — Transform object functions.
version — Version macros.
xmldsig — XML Digital Signature functions.
xmlenc — XML Encryption support.
xmlsec — Utility functions.
xmltree — XML tree functions.
x509 — <dsig:X509Certificate/> node parser functions.
XML Security Library for OpenSSL API Reference.
app — Application support functions for OpenSSL.
bn — Big numbers (BIGNUM) support functions implementation for OpenSSL.
crypto — Crypto transforms implementation for OpenSSL.
evp — Private/public (EVP) keys implementation for OpenSSL.
x509 — X509 certificates implementation for OpenSSL.
XML Security Library for GnuTLS API Reference.
app — Application support functions for GnuTLS.
crypto — Crypto transforms implementation for GnuTLS.
x509 — X509 certificates implementation for GnuTLS.
XML Security Library for GCrypt API Reference.
app — Application support functions for GCrypt.
crypto — Crypto transforms implementation for GCrypt.
XML Security Library for NSS API Reference.
app — Application support functions for NSS.
bignum — Big numbers support functions implementation for NSS.
crypto — Crypto transforms implementation for NSS.
keysstore — Keys store implementation for NSS.
pkikeys — Private/public keys implementation for NSS.
x509 — X509 certificates implementation for NSS.
XML Security Library for Microsoft Crypto API Reference.
app — Application support functions for Microsoft Crypto API.
certkeys — Certificate keys support functions for Microsoft Crypto API.
crypto — Crypto transforms implementation for Microsoft Crypto API.
keysstore — Keys store implementation for Microsoft Crypto API.
x509 — X509 certificates implementation for Microsoft Crypto API.
XML Security Library for Microsoft Cryptography API: Next Generation (CNG) Reference.
app — Application support functions for Microsoft Cryptography API: Next Generation (CNG).
certkeys — Certificate keys support functions for Microsoft Cryptography API: Next Generation (CNG).
crypto — Crypto transforms implementation for Microsoft Cryptography API: Next Generation (CNG).
keysstore — Keys store implementation for Microsoft Cryptography API: Next Generation (CNG).
x509 — X509 certificates implementation for Microsoft Cryptography API: Next Generation (CNG).
XML Security Library Reference Index