app

app — Application support functions for NSS.

Stability Level

Stable, unless otherwise indicated

Description

Common functions for xmlsec1 command line utility tool for NSS.

Functions

xmlSecNssAppInit ()

int
xmlSecNssAppInit (const char *config);

General crypto engine initialization. This function is used by the XMLSec command line utility and is called before the xmlSecInit function.

Parameters

config

the path to NSS database files.

 

Returns

0 on success or a negative value otherwise.


xmlSecNssAppShutdown ()

int
xmlSecNssAppShutdown (void);

General crypto engine shutdown. This function is used by the XMLSec command line utility and is called after the xmlSecShutdown function.

Returns

0 on success or a negative value otherwise.


xmlSecNssAppDefaultKeysMngrInit ()

int
xmlSecNssAppDefaultKeysMngrInit (xmlSecKeysMngrPtr mngr);

Initializes mngr with the NSS keys store xmlSecNssKeysStoreId and the default NSS crypto key data stores.

Parameters

mngr

the pointer to keys manager.

 

Returns

0 on success or a negative value otherwise.


xmlSecNssAppDefaultKeysMngrAdoptKey ()

int
xmlSecNssAppDefaultKeysMngrAdoptKey (xmlSecKeysMngrPtr mngr,
                                     xmlSecKeyPtr key);

Adds key to the keys manager mngr created with xmlSecNssAppDefaultKeysMngrInit function.

Parameters

mngr

the pointer to keys manager.

 

key

the pointer to key.

 

Returns

0 on success or a negative value otherwise.


xmlSecNssAppDefaultKeysMngrVerifyKey ()

int
xmlSecNssAppDefaultKeysMngrVerifyKey (xmlSecKeysMngrPtr mngr,
                                      xmlSecKeyPtr key,
                                      xmlSecKeyInfoCtxPtr keyInfoCtx);

Verifies key with the keys manager mngr created with xmlSecCryptoAppDefaultKeysMngrInit function:

  • Checks that key certificate is present

  • Checks that key certificate is valid

Adds key to the keys manager mngr created with xmlSecCryptoAppDefaultKeysMngrInit function.

Parameters

mngr

the pointer to keys manager.

 

key

the pointer to key.

 

keyInfoCtx

the key info context for verification.

 

Returns

1 if key is verified, 0 otherwise, or a negative value if an error occurs.
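
Unlike the other int-returning functions on this page, which use 0 for success, this one returns 1 for a verified key and a negative value on error, so a plain truthiness test accepts a key whenever the verification call itself fails. An added example (not code from xmlsec) contrasting the two checks; `verify_key_fn`, the `accept_key_*` helpers and the `sim_*` verifiers are hypothetical stand-ins that use opaque pointers in place of the xmlsec types, so the block builds without the library.

```c
#include <stdio.h>

/* Hypothetical stand-in with the same shape as
 * xmlSecNssAppDefaultKeysMngrVerifyKey(); opaque pointers replace the
 * xmlsec types so this builds without the library. */
typedef int (*verify_key_fn)(void *mngr, void *key, void *keyInfoCtx);

enum key_decision { KEY_TRUSTED, KEY_REJECTED, KEY_ERROR };

/* Fail-open: any non-zero result passes, including a negative error code. */
int accept_key_unsafe(verify_key_fn verify, void *mngr, void *key, void *ctx)
{
    return verify(mngr, key, ctx) ? 1 : 0;
}

/* Fail-closed: only the documented "verified" value 1 is accepted, and an
 * error is reported separately from an ordinary rejection. */
enum key_decision accept_key_strict(verify_key_fn verify, void *mngr,
                                    void *key, void *ctx)
{
    int rc = verify(mngr, key, ctx);
    if (rc < 0)
        return KEY_ERROR;
    return (rc == 1) ? KEY_TRUSTED : KEY_REJECTED;
}

/* Constructed verifiers simulating the three documented outcomes. */
static int sim_verified(void *m, void *k, void *c) { (void)m; (void)k; (void)c; return 1; }
static int sim_unverified(void *m, void *k, void *c) { (void)m; (void)k; (void)c; return 0; }
static int sim_error(void *m, void *k, void *c) { (void)m; (void)k; (void)c; return -1; }

int main(void)
{
    verify_key_fn cases[] = { sim_verified, sim_unverified, sim_error };
    const char *names[] = { "verified", "not verified", "error" };
    const char *decisions[] = { "trusted", "rejected", "error" };

    for (int i = 0; i < 3; i++) {
        printf("%-12s unsafe=%d strict=%s\n", names[i],
               accept_key_unsafe(cases[i], NULL, NULL, NULL),
               decisions[accept_key_strict(cases[i], NULL, NULL, NULL)]);
    }
    return 0;
}
```
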


xmlSecNssAppDefaultKeysMngrLoad ()

int
xmlSecNssAppDefaultKeysMngrLoad (xmlSecKeysMngrPtr mngr,
                                 const char *uri);

Loads XML keys file from uri to the keys manager mngr created with xmlSecNssAppDefaultKeysMngrInit function.

Parameters

mngr

the pointer to keys manager.

 

uri

the uri.

 

Returns

0 on success or a negative value otherwise.


xmlSecNssAppDefaultKeysMngrSave ()

int
xmlSecNssAppDefaultKeysMngrSave (xmlSecKeysMngrPtr mngr,
                                 const char *filename,
                                 xmlSecKeyDataType type);

Saves keys from mngr to XML keys file.

Parameters

mngr

the pointer to keys manager.

 

filename

the destination filename.

 

type

the type of keys to save (public/private/symmetric).

 

Returns

0 on success or a negative value otherwise.


xmlSecNssAppKeysMngrCertLoad ()

int
xmlSecNssAppKeysMngrCertLoad (xmlSecKeysMngrPtr mngr,
                              const char *filename,
                              xmlSecKeyDataFormat format,
                              xmlSecKeyDataType type);

Reads cert from filename and adds it to the list of trusted or known untrusted certs in the store.

Parameters

mngr

the pointer to keys manager.

 

filename

the certificate file.

 

format

the certificate file format (PEM or DER).

 

type

the certificate type (trusted/untrusted).

 

Returns

0 on success or a negative value otherwise.


xmlSecNssAppKeysMngrCertLoadMemory ()

int
xmlSecNssAppKeysMngrCertLoadMemory (xmlSecKeysMngrPtr mngr,
                                    const xmlSecByte *data,
                                    xmlSecSize dataSize,
                                    xmlSecKeyDataFormat format,
                                    xmlSecKeyDataType type);

Reads cert from data and adds it to the list of trusted or known untrusted certs in the store.

Parameters

mngr

the pointer to keys manager.

 

data

the certificate data.

 

dataSize

the certificate data size.

 

format

the certificate format (PEM or DER).

 

type

the certificate type (trusted/untrusted).

 

Returns

0 on success or a negative value otherwise.


xmlSecNssAppKeysMngrCertLoadSECItem ()

int
xmlSecNssAppKeysMngrCertLoadSECItem (xmlSecKeysMngrPtr mngr,
                                     SECItem *secItem,
                                     xmlSecKeyDataFormat format,
                                     xmlSecKeyDataType type);

Reads cert from secItem and adds it to the list of trusted or known untrusted certs in the store.

Parameters

mngr

the pointer to keys manager.

 

secItem

the pointer to SECItem.

 

format

the certificate format (PEM or DER).

 

type

the certificate type (trusted/untrusted).

 

Returns

0 on success or a negative value otherwise.


xmlSecNssAppKeysMngrCrlLoad ()

int
xmlSecNssAppKeysMngrCrlLoad (xmlSecKeysMngrPtr mngr,
                             const char *filename,
                             xmlSecKeyDataFormat format);

Reads CRL from filename and adds it to the list of CRLs in the store.

Parameters

mngr

the pointer to keys manager.

 

filename

the CRL file.

 

format

the CRL file format (PEM or DER).

 

Returns

0 on success or a negative value otherwise.


xmlSecNssAppKeysMngrCrlLoadMemory ()

int
xmlSecNssAppKeysMngrCrlLoadMemory (xmlSecKeysMngrPtr mngr,
                                   const xmlSecByte *data,
                                   xmlSecSize dataSize,
                                   xmlSecKeyDataFormat format);

Reads CRL from data and adds it to the list of CRLs in the store.

Parameters

mngr

the pointer to keys manager.

 

data

the CRL data.

 

dataSize

the CRL data size.

 

format

the CRL format (PEM or DER).

 

Returns

0 on success or a negative value otherwise.


xmlSecNssAppKeyLoadEx ()

xmlSecKeyPtr
xmlSecNssAppKeyLoadEx (const char *filename,
                       xmlSecKeyDataType type,
                       xmlSecKeyDataFormat format,
                       const char *pwd,
                       void *pwdCallback,
                       void *pwdCallbackCtx);

Reads key from a file.

Parameters

filename

the key filename.

 

type

the key type (public / private).

 

format

the key file format.

 

pwd

the key file password.

 

pwdCallback

the key password callback.

 

pwdCallbackCtx

the user context for password callback.

 

Returns

pointer to the key or NULL if an error occurs.


xmlSecNssAppKeyLoadMemory ()

xmlSecKeyPtr
xmlSecNssAppKeyLoadMemory (const xmlSecByte *data,
                           xmlSecSize dataSize,
                           xmlSecKeyDataFormat format,
                           const char *pwd,
                           void *pwdCallback,
                           void *pwdCallbackCtx);

Reads key from binary data.

Parameters

data

the key binary data.

 

dataSize

the key binary data size.

 

format

the key data format.

 

pwd

the key data password.

 

pwdCallback

the key password callback.

 

pwdCallbackCtx

the user context for password callback.

 

Returns

pointer to the key or NULL if an error occurs.


xmlSecNssAppKeyLoadSECItem ()

xmlSecKeyPtr
xmlSecNssAppKeyLoadSECItem (SECItem *secItem,
                            xmlSecKeyDataFormat format,
                            const char *pwd,
                            void *pwdCallback,
                            void *pwdCallbackCtx);

Reads key from a SECItem.

Parameters

secItem

the pointer to sec item.

 

format

the key format.

 

pwd

the key password.

 

pwdCallback

the key password callback.

 

pwdCallbackCtx

the user context for password callback.

 

Returns

pointer to the key or NULL if an error occurs.


xmlSecNssAppPkcs12Load ()

xmlSecKeyPtr
xmlSecNssAppPkcs12Load (const char *filename,
                        const char *pwd,
                        void *pwdCallback,
                        void *pwdCallbackCtx);

Reads key and all associated certificates from the PKCS12 file. For uniformity, call xmlSecNssAppKeyLoadEx instead of this function. Pass in format=xmlSecKeyDataFormatPkcs12.

Parameters

filename

the PKCS12 key filename.

 

pwd

the PKCS12 file password.

 

pwdCallback

the password callback.

 

pwdCallbackCtx

the user context for password callback.

 

Returns

pointer to the key or NULL if an error occurs.


xmlSecNssAppPkcs12LoadMemory ()

xmlSecKeyPtr
xmlSecNssAppPkcs12LoadMemory (const xmlSecByte *data,
                              xmlSecSize dataSize,
                              const char *pwd,
                              void *pwdCallback,
                              void *pwdCallbackCtx);

Reads key and all associated certificates from the PKCS12 binary data. For uniformity, call xmlSecNssAppKeyLoadEx instead of this function. Pass in format=xmlSecKeyDataFormatPkcs12.

Parameters

data

the key binary data.

 

dataSize

the key binary data size.

 

pwd

the PKCS12 password.

 

pwdCallback

the password callback.

 

pwdCallbackCtx

the user context for password callback.

 

Returns

pointer to the key or NULL if an error occurs.


xmlSecNssAppPkcs12LoadSECItem ()

xmlSecKeyPtr
xmlSecNssAppPkcs12LoadSECItem (SECItem *secItem,
                               const char *pwd,
                               void *pwdCallback,
                               void *pwdCallbackCtx);

Reads key and all associated certificates from the PKCS12 SECItem. For uniformity, call xmlSecNssAppKeyLoadEx instead of this function. Pass in format=xmlSecKeyDataFormatPkcs12.

Parameters

secItem

the SECItem object.

 

pwd

the PKCS12 file password.

 

pwdCallback

the password callback.

 

pwdCallbackCtx

the user context for password callback.

 

Returns

pointer to the key or NULL if an error occurs.


xmlSecNssAppKeyCertLoad ()

int
xmlSecNssAppKeyCertLoad (xmlSecKeyPtr key,
                         const char *filename,
                         xmlSecKeyDataFormat format);

Reads the certificate from filename and adds it to key.

Parameters

key

the pointer to key.

 

filename

the certificate filename.

 

format

the certificate file format.

 

Returns

0 on success or a negative value otherwise.


xmlSecNssAppKeyCertLoadMemory ()

int
xmlSecNssAppKeyCertLoadMemory (xmlSecKeyPtr key,
                               const xmlSecByte *data,
                               xmlSecSize dataSize,
                               xmlSecKeyDataFormat format);

Reads the certificate from data and adds it to key.

Parameters

key

the pointer to key.

 

data

the key binary data.

 

dataSize

the key binary data size.

 

format

the certificate format.

 

Returns

0 on success or a negative value otherwise.


xmlSecNssAppKeyCertLoadSECItem ()

int
xmlSecNssAppKeyCertLoadSECItem (xmlSecKeyPtr key,
                                SECItem *secItem,
                                xmlSecKeyDataFormat format);

Reads the certificate from secItem and adds it to key.

Parameters

key

the pointer to key.

 

secItem

the pointer to SECItem.

 

format

the certificate format.

 

Returns

0 on success or a negative value otherwise.


xmlSecNssAppKeyFromCertLoadSECItem ()

xmlSecKeyPtr
xmlSecNssAppKeyFromCertLoadSECItem (SECItem *secItem,
                                    xmlSecKeyDataFormat format);

Loads public key from cert.

Parameters

secItem

the SECItem object.

 

format

the cert format.

 

Returns

pointer to key or NULL if an error occurs.


xmlSecNssAppGetDefaultPwdCallback ()

void *
xmlSecNssAppGetDefaultPwdCallback (void);

Gets default password callback.

Returns

default password callback.