XML Security Library

Aleksey Sanin

Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are preserved on all copies.

Permission is granted to copy and distribute modified versions of this manual under the conditions for verbatim copying, provided also that the entire resulting derived work is distributed under the terms of a permission notice identical to this one.

Permission is granted to copy and distribute translations of this manual into another language, under the above conditions for modified versions.

Abstract

This manual documents the interfaces of the xmlsec library and has some short notes to help get you up to speed with using the library.


I. XML Security Library Tutorial
Overview.
XML Security Library Structure.
Building the application with XML Security Library.
Overview.
Include files.
Compiling and linking on Unix.
Compiling and linking on Windows.
Compiling and linking on other systems.
Initialization and shutdown.
Signing and encrypting documents.
Overview.
Signing a document.
Encrypting data.
Creating dynamic templates.
Overview.
Creating dynamic signature templates.
Creating dynamic encryption templates.
Verifying and decrypting documents.
Overview.
Verifying a signed document.
Decrypting an encrypted document.
Keys.
Keys manager.
Overview.
Simple keys store.
Using keys manager for signatures/encryption.
Using keys manager for verification/decryption.
Implementing a custom keys store.
Using X509 Certificates.
Overview.
Signing data with X509 certificate.
Verifying document signed with X509 certificates.
Transforms and transforms chain.
Using context objects.
Adding support for new cryptographic library.
Overview.
Creating a framework from the skeleton.
xmlSecCryptoApp* functions.
Klasses and objects.
Cryptographic transforms.
Keys data and keys data stores.
Default keys manager.
Sharing the results.
Examples.
XML Security Library Examples.
Signing a template file.
sign1.c
sign1-tmpl.xml
sign1-res.xml
Signing a dynamically created template.
sign2.c
sign2-doc.xml
sign2-res.xml
Signing with X509 certificate.
sign3.c
sign3-doc.xml
sign3-res.xml
Verifying a signature with a single key.
verify1.c
Verifying a signature with keys manager.
verify2.c
Verifying a signature with X509 certificates.
verify3.c
Verifying a signature with additional restrictions.
verify4.c
verify4-tmpl.xml
verify4-res.xml
verify4-bad-tmpl.xml
verify4-bad-res.xml
Encrypting data with a template file.
encrypt1.c
encrypt1-tmpl.xml
encrypt1-res.xml
Encrypting data with a dynamically created template.
encrypt2.c
encrypt2-doc.xml
encrypt2-res.xml
Encrypting data with a session key.
encrypt3.c
encrypt3-doc.xml
encrypt3-res.xml
Decrypting data with a single key.
decrypt1.c
Decrypting data with keys manager.
decrypt2.c
Writing a custom keys manager.
decrypt3.c
APPENDIX A. XML Security Library Signature Klasses.
APPENDIX B. XML Security Library Encryption Klasses.
II. XML Security Library API Reference.
XML Security Core Library API Reference.
app — Crypto-engine independent application support function.
base64 — Base64 encoding/decoding functions.
bn — Big numbers support functions.
buffer — Binary buffer implementation.
dl — Dynamic crypto-engine library loading support.
errors — Error/log messages support.
io — Input/output support.
keyinfo — <dsig:KeyInfo/> node parser.
keysdata — Crypto key data object definition.
keys — Crypto key object definition.
keysmngr — Keys manager object support.
list — Generic list structure implementation.
membuf — Memory buffer transform implementation.
nodeset — Nodeset object implementation.
parser — Parser transform implementation.
templates — Dynamic templates creation functions.
transforms — Transform object definition.
version — Version macros.
xmldsig — XML Digital Signature support.
xmlenc — XML Encryption support.
xmlsec — Utility functions.
xmltree — XML tree operations.
x509 — <dsig:X509Certificate/> node parser.
XML Security Library for OpenSSL API Reference.
app — Application functions implementation for OpenSSL.
bn — Big numbers helper functions.
crypto — Crypto transforms implementation for OpenSSL.
evp — EVP keys data implementation.
x509 — X509 certificates support implementation for OpenSSL.
XML Security Library for GnuTLS API Reference.
app — Application functions implementation for GnuTLS.
crypto — Crypto transforms implementation for GnuTLS.
x509 — X509 certificates support implementation for GnuTLS.
XML Security Library for GCrypt API Reference.
app — Application functions implementation for GnuTLS.
crypto — Crypto transforms implementation for GCrypt.
XML Security Library for NSS API Reference.
app — Application functions implementation for NSS.
bignum — Big numbers helper functions.
crypto — Crypto transforms implementation for NSS.
keysstore — Keys store implementation for NSS.
pkikeys — PKI keys data implementation.
x509 — X509 certificates support implementation for NSS.
XML Security Library for MSCrypto API Reference.
app — Application functions implementation for MS Crypto.
certkeys — MS Crypto certificates helper functions.
crypto — Crypto transforms implementation for MS Crypto.
keysstore — Keys store implementation for MS Crypto.
x509 — X509 certificates support implementation for MS Crypto.
XML Security Library Reference Index