
xmldsig

Name

xmldsig -- 

Synopsis


/* Outcome of a sign/verify run; read it from xmlSecDSigCtx.status after the call. */
enum        xmlSecDSigStatus;
/* Bit flags for xmlSecDSigCtx.flags. */
#define     XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS
#define     XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES
#define     XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES
#define     XMLSEC_DSIG_FLAGS_STORE_SIGNATURE
/* Per-<dsig:Signature/> processing context.
 * Heap lifecycle: Create -> (Sign | Verify) -> Destroy.
 * Embedded lifecycle: Initialize -> (Sign | Verify) -> Finalize. */
struct      xmlSecDSigCtx;
xmlSecDSigCtxPtr xmlSecDSigCtxCreate        (xmlSecKeysMngrPtr keysMngr);
void        xmlSecDSigCtxDestroy            (xmlSecDSigCtxPtr dsigCtx);
int         xmlSecDSigCtxInitialize         (xmlSecDSigCtxPtr dsigCtx,
                                             xmlSecKeysMngrPtr keysMngr);
void        xmlSecDSigCtxFinalize           (xmlSecDSigCtxPtr dsigCtx);
int         xmlSecDSigCtxSign               (xmlSecDSigCtxPtr dsigCtx,
                                             xmlNodePtr tmpl);
/* NOTE(review): after xmlSecDSigCtxVerify() the signature verdict is
 * dsigCtx->status == xmlSecDSigStatusSucceeded; do not treat the int return
 * value alone as "signature valid" -- confirm against the implementation. */
int         xmlSecDSigCtxVerify             (xmlSecDSigCtxPtr dsigCtx,
                                             xmlNodePtr node);
/* Only meaningful when XMLSEC_DSIG_FLAGS_STORE_SIGNATURE is set. */
xmlSecBufferPtr xmlSecDSigCtxPreSignBuffer  (xmlSecDSigCtxPtr dsigCtx);
void        xmlSecDSigCtxDebugDump          (xmlSecDSigCtxPtr dsigCtx,
                                             FILE *output);
void        xmlSecDSigCtxDebugXmlDump       (xmlSecDSigCtxPtr dsigCtx,
                                             FILE *output);
/* Where a <dsig:Reference/> lives: <dsig:SignedInfo/> or <dsig:Manifest/>. */
enum        xmlSecDSigReferenceOrigin;
/* Per-<dsig:Reference/> processing context; owned by a parent xmlSecDSigCtx. */
struct      xmlSecDSigReferenceCtx;
xmlSecDSigReferenceCtxPtr xmlSecDSigReferenceCtxCreate
                                            (xmlSecDSigCtxPtr dsigCtx,
                                             xmlSecDSigReferenceOrigin origin);
void        xmlSecDSigReferenceCtxDestroy   (xmlSecDSigReferenceCtxPtr dsigRefCtx);
int         xmlSecDSigReferenceCtxInitialize
                                            (xmlSecDSigReferenceCtxPtr dsigRefCtx,
                                             xmlSecDSigCtxPtr dsigCtx,
                                             xmlSecDSigReferenceOrigin origin);
void        xmlSecDSigReferenceCtxFinalize  (xmlSecDSigReferenceCtxPtr dsigRefCtx);
int         xmlSecDSigReferenceCtxProcessNode
                                            (xmlSecDSigReferenceCtxPtr dsigRefCtx,
                                             xmlNodePtr node);
/* Only meaningful when the matching XMLSEC_DSIG_FLAGS_STORE_*_REFERENCES flag is set. */
xmlSecBufferPtr xmlSecDSigReferenceCtxPreDigestBuffer
                                            (xmlSecDSigReferenceCtxPtr dsigRefCtx);
void        xmlSecDSigReferenceCtxDebugDump (xmlSecDSigReferenceCtxPtr dsigRefCtx,
                                             FILE *output);
void        xmlSecDSigReferenceCtxDebugXmlDump
                                            (xmlSecDSigReferenceCtxPtr dsigRefCtx,
                                             FILE *output);
/* Klass id for the lists of reference contexts kept in xmlSecDSigCtx. */
#define     xmlSecDSigReferenceCtxListId
xmlSecPtrListId xmlSecDSigReferenceCtxListGetKlass
                                            (void);

Description

Details

enum xmlSecDSigStatus

/* XML Digital Signature processing status. */
typedef enum {
    xmlSecDSigStatusUnknown = 0,    /* initial value: a zero-filled or never-processed ctx reads as Unknown, never as Succeeded */
    xmlSecDSigStatusSucceeded,      /* processing completed and the signature/digest checks passed */
    xmlSecDSigStatusInvalid         /* processing ran but the signature/digest checks failed */
} xmlSecDSigStatus;

XML Digital signature processing status.

xmlSecDSigStatusUnknown the status is unknown (initial value; a context that has not been processed stays in this state).
xmlSecDSigStatusSucceeded the processing succeeded.
xmlSecDSigStatusInvalid the processing failed.


XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS

#define XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS			0x00000001	/* skip <dsig:Manifest/> nodes entirely */

If this flag is set then <dsig:Manifest/> nodes will not be processed.


XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES

#define XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES		0x00000002	/* keep pre-digest data of <dsig:SignedInfo/> references */

If this flag is set then the pre-digest buffer for each <dsig:Reference/> child of the <dsig:SignedInfo/> element will be stored in xmlSecDSigCtx (retrievable via xmlSecDSigReferenceCtxPreDigestBuffer).


XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES

#define XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES		0x00000004	/* keep pre-digest data of <dsig:Manifest/> references */

If this flag is set then the pre-digest buffer for each <dsig:Reference/> child of a <dsig:Manifest/> element will be stored in xmlSecDSigCtx (retrievable via xmlSecDSigReferenceCtxPreDigestBuffer).


XMLSEC_DSIG_FLAGS_STORE_SIGNATURE

#define XMLSEC_DSIG_FLAGS_STORE_SIGNATURE			0x00000008	/* keep the canonicalized <dsig:SignedInfo/> bytes that were signed */

If this flag is set then the pre-signature buffer (the canonicalized <dsig:SignedInfo/> bytes that are fed to the signature method) will be stored in xmlSecDSigCtx (retrievable via xmlSecDSigCtxPreSignBuffer).


struct xmlSecDSigCtx

/*
 * XML DSig processing context: one instance per sign or verify operation.
 * Fields above the "returned" marker are inputs the caller may set before
 * xmlSecDSigCtxSign()/xmlSecDSigCtxVerify(); fields below it are filled in
 * by those calls and must be read only afterwards.
 */
struct xmlSecDSigCtx {
    /* these data user can set before performing the operation */
    void*			userData;		/* opaque application pointer; xmlsec never reads or writes it */
    unsigned int		flags;			/* XMLSEC_DSIG_FLAGS_* bits */
    unsigned int		flags2;			/* additional processing flags */
    xmlSecKeyInfoCtx		keyInfoReadCtx;		/* <dsig:KeyInfo/> reading context */
    xmlSecKeyInfoCtx		keyInfoWriteCtx;	/* <dsig:KeyInfo/> writing context; not used when verifying */
    xmlSecTransformCtx		transformCtx;		/* <dsig:SignedInfo/> processing context */
    xmlSecTransformUriType	enabledReferenceUris;	/* URI types accepted in <dsig:Reference/>.
							 * NOTE(review): restrict this to what the application
							 * expects (e.g. same-document only); remote or local-file
							 * URIs let an attacker-supplied document make xmlsec fetch
							 * external data -- confirm the default for your version. */
    xmlSecPtrListPtr		enabledReferenceTransforms;	/* transforms accepted in <dsig:Reference/>.
							 * NOTE(review): limit to the transforms actually needed;
							 * a permissive list widens the parsing/transform attack
							 * surface on untrusted input -- confirm the default. */
    xmlSecTransformCtxPreExecuteCallback referencePreExecuteCallback;	/* hook run before each reference's transforms */
    xmlSecTransformId		defSignMethodId;	/* default signature method klass */
    xmlSecTransformId		defC14NMethodId;	/* default canonicalization klass */
    xmlSecTransformId		defDigestMethodId;	/* default digest method klass */
        
    /* these data are returned */
    xmlSecKeyPtr		signKey;		/* signing/verification key; may be preset by the caller */
    xmlSecTransformOperation	operation;		/* sign or verify */
    xmlSecBufferPtr		result;			/* signature bytes; not valid after verification */
    xmlSecDSigStatus		status;			/* verdict of the last Sign/Verify; check for xmlSecDSigStatusSucceeded */
    xmlSecTransformPtr		signMethod;		/* signature transform used */
    xmlSecTransformPtr		c14nMethod;		/* c14n transform used */
    xmlSecTransformPtr		preSignMemBufMethod;	/* memory-buffer transform holding the signed bytes; only set with XMLSEC_DSIG_FLAGS_STORE_SIGNATURE */
    xmlNodePtr			signValueNode;		/* <dsig:SignatureValue/> node */
    xmlChar*			id;    			/* Id attribute of <dsig:Signature/> */
    xmlSecPtrList    		signedInfoReferences;	/* xmlSecDSigReferenceCtx list for <dsig:SignedInfo/> */
    xmlSecPtrList		manifestReferences;	/* xmlSecDSigReferenceCtx list for <dsig:Manifest/> nodes */

    /* reserved for future */
    void*			reserved0;
    void*			reserved1;    
};						

XML DSig processing context.

void *userData the pointer to user data (the xmlsec and xmlsec-crypto libraries never touch this).
unsigned int flags the XML Digital Signature processing flags.
unsigned int flags2 the XML Digital Signature processing flags.
xmlSecKeyInfoCtx keyInfoReadCtx the reading key context.
xmlSecKeyInfoCtx keyInfoWriteCtx the writing key context (not used for signature verification).
xmlSecTransformCtx transformCtx the <dsig:SignedInfo/> node processing context.
xmlSecTransformUriType enabledReferenceUris the URI types allowed for <dsig:Reference/> nodes. When verifying untrusted documents, restrict this to the URI types the application actually needs (typically same-document references); allowing remote or local-file URIs lets the document being verified direct xmlsec to fetch external data.
xmlSecPtrListPtr enabledReferenceTransforms the list of transforms allowed in <dsig:Reference/> nodes. Keep this list as small as the application's signatures require; every additional transform type that untrusted input may select widens the processing attack surface.
xmlSecTransformCtxPreExecuteCallback referencePreExecuteCallback the callback for <dsig:Reference/> node processing.
xmlSecTransformId defSignMethodId the default signing method klass.
xmlSecTransformId defC14NMethodId the default c14n method klass.
xmlSecTransformId defDigestMethodId the default digest method klass.
xmlSecKeyPtr signKey the signature key; application may set signKey before calling xmlSecDSigCtxSign or xmlSecDSigCtxVerify functions.
xmlSecTransformOperation operation the operation: sign or verify.
xmlSecBufferPtr result the pointer to the signature (not valid for signature verification).
xmlSecDSigStatus status the <dsig:Signature/> processing status; after xmlSecDSigCtxVerify this is the field to check for xmlSecDSigStatusSucceeded.
xmlSecTransformPtr signMethod the pointer to signature transform.
xmlSecTransformPtr c14nMethod the pointer to c14n transform.
xmlSecTransformPtr preSignMemBufMethod the pointer to the memory-buffer transform that captures the bytes right before they are signed (valid only if the XMLSEC_DSIG_FLAGS_STORE_SIGNATURE flag is set).
xmlNodePtr signValueNode the pointer to <dsig:SignatureValue/> node.
xmlChar *id the pointer to Id attribute of <dsig:Signature/> node.
xmlSecPtrList signedInfoReferences the list of references in <dsig:SignedInfo/> node.
xmlSecPtrList manifestReferences the list of references in <dsig:Manifest/> nodes.
void *reserved0 reserved for the future.
void *reserved1 reserved for the future.


xmlSecDSigCtxCreate ()

xmlSecDSigCtxPtr xmlSecDSigCtxCreate        (xmlSecKeysMngrPtr keysMngr);

keysMngr :  the keys manager used to look up keys during processing.
Returns :  pointer to a newly allocated context, or NULL on failure; release it with xmlSecDSigCtxDestroy.


xmlSecDSigCtxDestroy ()

void        xmlSecDSigCtxDestroy            (xmlSecDSigCtxPtr dsigCtx);

dsigCtx :  


xmlSecDSigCtxInitialize ()

int         xmlSecDSigCtxInitialize         (xmlSecDSigCtxPtr dsigCtx,
                                             xmlSecKeysMngrPtr keysMngr);

dsigCtx :  the caller-provided (embedded or stack) context to initialize.
keysMngr :  the keys manager used to look up keys during processing.
Returns :  0 on success, a negative value on error (xmlsec convention; confirm against the implementation).


xmlSecDSigCtxFinalize ()

void        xmlSecDSigCtxFinalize           (xmlSecDSigCtxPtr dsigCtx);

dsigCtx :  


xmlSecDSigCtxSign ()

int         xmlSecDSigCtxSign               (xmlSecDSigCtxPtr dsigCtx,
                                             xmlNodePtr tmpl);

dsigCtx :  the signing context.
tmpl :  the <dsig:Signature/> template node to be filled in and signed.
Returns :  0 on success, a negative value on error (xmlsec convention; confirm against the implementation).


xmlSecDSigCtxVerify ()

int         xmlSecDSigCtxVerify             (xmlSecDSigCtxPtr dsigCtx,
                                             xmlNodePtr node);

dsigCtx :  the verification context.
node :  the <dsig:Signature/> node to verify.
Returns :  0 if processing completed, a negative value on error. A 0 return does not by itself mean the signature is valid: callers must also check that dsigCtx->status == xmlSecDSigStatusSucceeded, since a signature that was processed but failed its checks is reported via status, not via the return code.


xmlSecDSigCtxPreSignBuffer ()

xmlSecBufferPtr xmlSecDSigCtxPreSignBuffer  (xmlSecDSigCtxPtr dsigCtx);

dsigCtx :  the context after a sign or verify operation.
Returns :  the buffer of bytes fed to the signature method, or NULL if XMLSEC_DSIG_FLAGS_STORE_SIGNATURE was not set.


xmlSecDSigCtxDebugDump ()

void        xmlSecDSigCtxDebugDump          (xmlSecDSigCtxPtr dsigCtx,
                                             FILE *output);

dsigCtx :  
output :  


xmlSecDSigCtxDebugXmlDump ()

void        xmlSecDSigCtxDebugXmlDump       (xmlSecDSigCtxPtr dsigCtx,
                                             FILE *output);

dsigCtx :  
output :  


enum xmlSecDSigReferenceOrigin

/* Where a <dsig:Reference/> node was found. */
typedef enum  {
    xmlSecDSigReferenceOriginSignedInfo,    /* child of <dsig:SignedInfo/>: covered by the signature itself */
    xmlSecDSigReferenceOriginManifest       /* child of <dsig:Manifest/>: skipped when XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS is set */
} xmlSecDSigReferenceOrigin;

The possible <dsig:Reference/> node locations: in the <dsig:SignedInfo/> node or in the <dsig:Manifest/> node.

xmlSecDSigReferenceOriginSignedInfo reference in a <dsig:SignedInfo/> node.
xmlSecDSigReferenceOriginManifest reference in a <dsig:Manifest/> node.


struct xmlSecDSigReferenceCtx

/*
 * Processing context for one <dsig:Reference/> node. Created by the parent
 * xmlSecDSigCtx and kept in its signedInfoReferences/manifestReferences lists.
 */
struct xmlSecDSigReferenceCtx {
    xmlSecDSigCtxPtr		dsigCtx;		/* parent <dsig:Signature/> context */
    xmlSecDSigReferenceOrigin	origin;			/* <dsig:SignedInfo/> or <dsig:Manifest/> */
    xmlSecTransformCtx		transformCtx;		/* transform chain applied before digesting */
    xmlSecTransformPtr		digestMethod;		/* digest transform used */

    xmlSecBufferPtr		result;			/* computed digest */
    xmlSecDSigStatus		status;			/* outcome for this reference */
    xmlSecTransformPtr		preDigestMemBufMethod;	/* memory-buffer transform holding the digested bytes; only set when the matching XMLSEC_DSIG_FLAGS_STORE_*_REFERENCES flag is set */
    xmlChar*			id;			/* Id attribute */
    xmlChar*			uri;			/* URI attribute (subject to enabledReferenceUris in the parent ctx) */
    xmlChar*			type;			/* Type attribute */
    
     /* reserved for future */
    void*			reserved0;
    void*			reserved1;    
};

The <dsig:Reference/> processing context.

xmlSecDSigCtxPtr dsigCtx the pointer to "parent" <dsig:Signature/> processing context.
xmlSecDSigReferenceOrigin origin the reference origin (<dsig:SignedInfo/> or <dsig:Manifest/>).
xmlSecTransformCtx transformCtx the reference processing transforms context.
xmlSecTransformPtr digestMethod the pointer to digest transform.
xmlSecBufferPtr result the pointer to digest result.
xmlSecDSigStatus status the reference processing status.
xmlSecTransformPtr preDigestMemBufMethod the pointer to the memory-buffer transform that captures the bytes right before they are digested (valid only if the XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES or XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES flag matching this reference's origin is set).
xmlChar *id the <dsig:Reference/> node ID attribute.
xmlChar *uri the <dsig:Reference/> node URI attribute.
xmlChar *type the <dsig:Reference/> node Type attribute.
void *reserved0 reserved for the future.
void *reserved1 reserved for the future.


xmlSecDSigReferenceCtxCreate ()

xmlSecDSigReferenceCtxPtr xmlSecDSigReferenceCtxCreate
                                            (xmlSecDSigCtxPtr dsigCtx,
                                             xmlSecDSigReferenceOrigin origin);

dsigCtx :  
origin :  
Returns :  


xmlSecDSigReferenceCtxDestroy ()

void        xmlSecDSigReferenceCtxDestroy   (xmlSecDSigReferenceCtxPtr dsigRefCtx);

dsigRefCtx :  


xmlSecDSigReferenceCtxInitialize ()

int         xmlSecDSigReferenceCtxInitialize
                                            (xmlSecDSigReferenceCtxPtr dsigRefCtx,
                                             xmlSecDSigCtxPtr dsigCtx,
                                             xmlSecDSigReferenceOrigin origin);

dsigRefCtx :  
dsigCtx :  
origin :  
Returns :  


xmlSecDSigReferenceCtxFinalize ()

void        xmlSecDSigReferenceCtxFinalize  (xmlSecDSigReferenceCtxPtr dsigRefCtx);

dsigRefCtx :  


xmlSecDSigReferenceCtxProcessNode ()

int         xmlSecDSigReferenceCtxProcessNode
                                            (xmlSecDSigReferenceCtxPtr dsigRefCtx,
                                             xmlNodePtr node);

The Reference Element (http://www.w3.org/TR/xmldsig-core/#sec-Reference)

Reference is an element that may occur one or more times. It specifies a digest algorithm and digest value, and optionally an identifier of the object being signed, the type of the object, and/or a list of transforms to be applied prior to digesting. The identification (URI) and transforms describe how the digested content (i.e., the input to the digest method) was created. The Type attribute facilitates the processing of referenced data. For example, while this specification makes no requirements over external data, an application may wish to signal that the referent is a Manifest. An optional ID attribute permits a Reference to be referenced from elsewhere.

Schema Definition:

<element name="Reference" type="ds:ReferenceType"/>
<complexType name="ReferenceType">
  <sequence>
    <element ref="ds:Transforms" minOccurs="0"/>
    <element ref="ds:DigestMethod"/>
    <element ref="ds:DigestValue"/>
  </sequence>
  <attribute name="Id" type="ID" use="optional"/>
  <attribute name="URI" type="anyURI" use="optional"/>
  <attribute name="Type" type="anyURI" use="optional"/>
</complexType>

DTD:

<!ELEMENT Reference (Transforms?, DigestMethod, DigestValue) >
<!ATTLIST Reference
          Id   ID    #IMPLIED
          URI  CDATA #IMPLIED
          Type CDATA #IMPLIED>

dsigRefCtx :  the reference processing context.
node :  the <dsig:Reference/> node to process.
Returns :  0 on success, a negative value on error (xmlsec convention; confirm against the implementation). As with the signature as a whole, the digest verdict is reported in dsigRefCtx->status rather than the return code.


xmlSecDSigReferenceCtxPreDigestBuffer ()

xmlSecBufferPtr xmlSecDSigReferenceCtxPreDigestBuffer
                                            (xmlSecDSigReferenceCtxPtr dsigRefCtx);

dsigRefCtx :  the reference context after processing.
Returns :  the buffer of bytes fed to the digest method, or NULL if the matching XMLSEC_DSIG_FLAGS_STORE_*_REFERENCES flag was not set.


xmlSecDSigReferenceCtxDebugDump ()

void        xmlSecDSigReferenceCtxDebugDump (xmlSecDSigReferenceCtxPtr dsigRefCtx,
                                             FILE *output);

dsigRefCtx :  
output :  


xmlSecDSigReferenceCtxDebugXmlDump ()

void        xmlSecDSigReferenceCtxDebugXmlDump
                                            (xmlSecDSigReferenceCtxPtr dsigRefCtx,
                                             FILE *output);

dsigRefCtx :  
output :  


xmlSecDSigReferenceCtxListId

#define     xmlSecDSigReferenceCtxListId	/* klass id of the xmlSecDSigReferenceCtx lists held by xmlSecDSigCtx */

The references list klass.


xmlSecDSigReferenceCtxListGetKlass ()

xmlSecPtrListId xmlSecDSigReferenceCtxListGetKlass
                                            (void);

Returns :  the klass id for lists of xmlSecDSigReferenceCtx pointers (the same klass as xmlSecDSigReferenceCtxListId).



Aleksey Sanin