xmldsig.h

XML Security Library Reference Manual
<<< Previous Page	Home	Up	Next Page >>>

Details

struct xmlSecDSigCtx

struct xmlSecDSigCtx {
    int				processManifests;
    int				storeSignatures;
    int				storeReferences;
    int				storeManifests;	
    int				fakeSignatures;

    xmlSecKeyInfoCtx		keyInfoCtx;
};

XML DSig context.

int `processManifests`	if 0 then <dsig:Manifests> nodes are not processed.
int `storeSignatures`	store the signed content just (<dsig:SignedInfo> element) before applying signature.
int `storeReferences`	store the result of processing <dsig:Reference> nodes in <dsig:SignedInfo> nodes just before digesting.
int `storeManifests`	store the result of processing <dsig:Reference> nodes in <dsig:Manifest> nodes just before digesting (ignored if `processManifest` is 0).
int `fakeSignatures`	for performance testing only.
xmlSecKeyInfoCtx `keyInfoCtx`

struct xmlSecDSigResult

struct xmlSecDSigResult {
    xmlSecDSigCtxPtr		ctx;
    void			*context;
    xmlNodePtr			self;
    int				sign;
    xmlSecTransformStatus	result;
    xmlSecTransformId		signMethod;
    xmlSecKeyPtr		key;
    xmlSecReferenceResultPtr	firstSignRef;
    xmlSecReferenceResultPtr	lastSignRef;
    xmlSecReferenceResultPtr	firstManifestRef;
    xmlSecReferenceResultPtr	lastManifestRef; 
    xmlSecBufferPtr		buffer;
};

XML DSig Result.

xmlSecDSigCtxPtr `ctx`	the DSig context xmlSecDSigCtx.
void *`context`	the pointer to application specific data.
xmlNodePtr `self`	the pointer to <dsig:Signature> node.
int `sign`	the sign/verify flag.
xmlSecTransformStatus `result`	the signature verification/generation status.
xmlSecTransformId `signMethod`	the signature algorithm .
xmlSecKeyPtr `key`	the pointer to signature key.
xmlSecReferenceResultPtr `firstSignRef`	the pointer to the first <dsig:SignedInfo> reference result.
xmlSecReferenceResultPtr `lastSignRef`	the pointer to the last <dsig:SignedInfo> reference result.
xmlSecReferenceResultPtr `firstManifestRef`	the pointer to the first <dsig:Manifest> reference result (valid only if the processManifests flag in `ctx` is set to 1).
xmlSecReferenceResultPtr `lastManifestRef`	the pointer to the last <dsig:Manifest> reference result (valid only if the processManifests flag in `ctx` is set to 1).
xmlSecBufferPtr `buffer`	the pointer to the signed content - the canonicalization of <dsig:SignedInfo> node (valid only if the storeSignatures flag in ctx structure is set to 1).

enum xmlSecReferenceType

typedef enum  {
    xmlSecSignedInfoReference,
    xmlSecManifestReference
} xmlSecReferenceType;

The possible <dsig:Reference> node locations: in the <dsig:SignedInfo> node or in the <dsig:Manifest> node.

`xmlSecSignedInfoReference`	reference in <dsig:SignedInfo> node.
`xmlSecManifestReference`	reference <dsig:Manifest> node.

struct xmlSecReferenceResult

struct xmlSecReferenceResult {
    xmlSecDSigCtxPtr		ctx;
    xmlNodePtr			self;
    xmlSecReferenceType		refType;
    xmlSecTransformStatus	result;
    xmlSecReferenceResultPtr	next;
    xmlSecReferenceResultPtr	prev;
    xmlChar			*uri;
    xmlChar			*id;
    xmlChar			*type;
    xmlSecTransformId		digestMethod;
    xmlSecBufferPtr		buffer;
};

The result of <dsig:Reference> processing.

xmlSecDSigCtxPtr `ctx`	the pointer to DSig context.
xmlNodePtr `self`	the pointer to <dsig:Reference> node.
xmlSecReferenceType `refType`	the <dsig:Reference> node location.
xmlSecTransformStatus `result`	the verification/generation result.
xmlSecReferenceResultPtr `next`	the next reference result.
xmlSecReferenceResultPtr `prev`	the prev reference result.
xmlChar *`uri`	the <dsig:Reference> node URI attribute.
xmlChar *`id`	the <dsig:Reference> node Id attribute.
xmlChar *`type`	the <dsig:Reference> node Type attribute.
xmlSecTransformId `digestMethod`	the used digest algorithm id.
xmlSecBufferPtr `buffer`	the pointer to digested content (valid only if the storeReferences or storeManifests flags in xmlSecDSigCtx).

xmlSecDSigCtxCreate ()

xmlSecDSigCtxPtr xmlSecDSigCtxCreate        (xmlSecKeysMngrPtr keysMngr);

Creates new xmlSecDSigCtx structure.

`keysMngr` :
Returns :	pointer to newly allocated xmlSecDSigCtx structure or NULL if an error occurs.

xmlSecDSigCtxDestroy ()

void        xmlSecDSigCtxDestroy            (xmlSecDSigCtxPtr ctx);

Destroys xmlSecDSigCtx structure ctx.

ctx : the pointer to xmlSecDSigCtx structure.

xmlSecDSigValidate ()

int         xmlSecDSigValidate              (xmlSecDSigCtxPtr ctx,
                                             void *context,
                                             xmlSecKeyPtr key,
                                             xmlNodePtr signNode,
                                             xmlSecDSigResultPtr *result);

Validates the signature in signNode and stores the pointer to validation result structure xmlSecDSigResult in the result.

`ctx` :	the pointer to xmlSecDSigCtx structure.
`context` :	the pointer to application specific data that will be passed to all callback functions.
`key` :	the key to use (if NULL then the key specified in <dsig:KeyInfo> will be used).
`signNode` :	the pointer to <dsig:Signature> node that will be validated.
`result` :	the pointer where to store validation results.
Returns :	0 if there were no processing errors during validation or a negative value otherwise. The return value equal to 0 DOES NOT mean that the signature is valid: check the result member of xmlSecDSigResult structure instead.

xmlSecDSigGenerate ()

int         xmlSecDSigGenerate              (xmlSecDSigCtxPtr ctx,
                                             void *context,
                                             xmlSecKeyPtr key,
                                             xmlNodePtr signNode,
                                             xmlSecDSigResultPtr *result);

Signs the data according to the template in signNode node.

`ctx` :	the pointer to xmlSecDSigCtx structure.
`context` :	the pointer to application specific data that will be passed to all callback functions.
`key` :	the key to use (if NULL then the key specified in <dsig:KeyInfo> will be used).
`signNode` :	the pointer to <dsig:Signature> template node.
`result` :	the pointer where to store signature results.
Returns :	0 on success and a negative value otherwise.

xmlSecDSigResultCreate ()

xmlSecDSigResultPtr xmlSecDSigResultCreate  (xmlSecDSigCtxPtr ctx,
                                             void *context,
                                             xmlNodePtr signNode,
                                             int sign);

Creates new xmlSecDSigResult structure.

`ctx` :	the pointer to xmlSecDSigCtx structure.
`context` :	the pointer to application specific data that will be passed to all callback functions.
`signNode` :	the pointer to <dsig:Signature> node that will be validated.
`sign` :	the sign or verify flag.
Returns :	newly created xmlSecDSigResult structure or NULL if an error occurs.

xmlSecDSigResultDestroy ()

void        xmlSecDSigResultDestroy         (xmlSecDSigResultPtr result);

Destroys the xmlSecDSigResult structure result.

result : the pointer to xmlSecDSigResult structure.

xmlSecDSigResultDebugDump ()

void        xmlSecDSigResultDebugDump       (xmlSecDSigResultPtr result,
                                             FILE *output);

Prints the xmlSecDSigResult structure result to file output.

`result` :	the pointer to xmlSecDSigResult structure.
`output` :	the pointer to destination FILE.

xmlSecDSigResultDebugXmlDump ()

void        xmlSecDSigResultDebugXmlDump    (xmlSecDSigResultPtr result,
                                             FILE *output);

Prints the xmlSecDSigResult structure result to file output in XML format.

`result` :	the pointer to xmlSecDSigResult structure.
`output` :	the pointer to destination FILE.