xmlenc

xmlenc — XML Encryption support.

Stability Level

Stable, unless otherwise indicated

Description

XML Encryption implementation.

Functions

xmlSecEncCtxCreate ()

xmlSecEncCtxPtr
xmlSecEncCtxCreate (xmlSecKeysMngrPtr keysMngr);

Creates an <enc:EncryptedData/> element processing context. The caller is responsible for destroying the returned object by calling the xmlSecEncCtxDestroy function.

Parameters

keysMngr

the pointer to keys manager.

 

Returns

pointer to newly allocated context object or NULL if an error occurs.


xmlSecEncCtxDestroy ()

void
xmlSecEncCtxDestroy (xmlSecEncCtxPtr encCtx);

Destroys the context object created with the xmlSecEncCtxCreate function.

Parameters

encCtx

the pointer to <enc:EncryptedData/> processing context.

 

xmlSecEncCtxInitialize ()

int
xmlSecEncCtxInitialize (xmlSecEncCtxPtr encCtx,
                        xmlSecKeysMngrPtr keysMngr);

Initializes an <enc:EncryptedData/> element processing context. The caller is responsible for cleaning up the object by calling the xmlSecEncCtxFinalize function.

Parameters

encCtx

the pointer to <enc:EncryptedData/> processing context.

 

keysMngr

the pointer to keys manager.

 

Returns

0 on success or a negative value if an error occurs.


xmlSecEncCtxFinalize ()

void
xmlSecEncCtxFinalize (xmlSecEncCtxPtr encCtx);

Cleans up the encCtx object.

Parameters

encCtx

the pointer to <enc:EncryptedData/> processing context.

 

xmlSecEncCtxCopyUserPref ()

int
xmlSecEncCtxCopyUserPref (xmlSecEncCtxPtr dst,
                          xmlSecEncCtxPtr src);

Copies the user preferences from the src context to dst.

Parameters

dst

the pointer to destination context.

 

src

the pointer to source context.

 

Returns

0 on success or a negative value if an error occurs.


xmlSecEncCtxReset ()

void
xmlSecEncCtxReset (xmlSecEncCtxPtr encCtx);

Resets the encCtx object; user settings are not touched.

Parameters

encCtx

the pointer to <enc:EncryptedData/> processing context.

 

xmlSecEncCtxBinaryEncrypt ()

int
xmlSecEncCtxBinaryEncrypt (xmlSecEncCtxPtr encCtx,
                           xmlNodePtr tmpl,
                           const xmlSecByte *data,
                           xmlSecSize dataSize);

Encrypts data according to the template tmpl.

Parameters

encCtx

the pointer to <enc:EncryptedData/> processing context.

 

tmpl

the pointer to <enc:EncryptedData/> template node.

 

data

the pointer to the binary data buffer.

 

dataSize

the data buffer size.

 

Returns

0 on success or a negative value if an error occurs.


xmlSecEncCtxXmlEncrypt ()

int
xmlSecEncCtxXmlEncrypt (xmlSecEncCtxPtr encCtx,
                        xmlNodePtr tmpl,
                        xmlNodePtr node);

Encrypts node according to the template tmpl. If requested, node is replaced with the resulting <enc:EncryptedData/> node.

Parameters

encCtx

the pointer to <enc:EncryptedData/> processing context.

 

tmpl

the pointer to <enc:EncryptedData/> template node.

 

node

the pointer to node for encryption.

 

Returns

0 on success or a negative value if an error occurs.


xmlSecEncCtxUriEncrypt ()

int
xmlSecEncCtxUriEncrypt (xmlSecEncCtxPtr encCtx,
                        xmlNodePtr tmpl,
                        const xmlChar *uri);

Encrypts the data from uri according to the template tmpl.

Parameters

encCtx

the pointer to <enc:EncryptedData/> processing context.

 

tmpl

the pointer to <enc:EncryptedData/> template node.

 

uri

the URI.

 

Returns

0 on success or a negative value if an error occurs.


xmlSecEncCtxDecrypt ()

int
xmlSecEncCtxDecrypt (xmlSecEncCtxPtr encCtx,
                     xmlNodePtr node);

Decrypts node and, if necessary, replaces node with the decrypted data.

Parameters

encCtx

the pointer to <enc:EncryptedData/> processing context.

 

node

the pointer to <enc:EncryptedData/> node.

 

Returns

0 on success or a negative value if an error occurs.


xmlSecEncCtxDecryptToBuffer ()

xmlSecBufferPtr
xmlSecEncCtxDecryptToBuffer (xmlSecEncCtxPtr encCtx,
                             xmlNodePtr node);

Decrypts the data in node and returns it in the result buffer.

Parameters

encCtx

the pointer to encryption processing context.

 

node

the pointer to <enc:EncryptedData/> node.

 

Returns

the buffer holding the decrypted data on success or NULL if an error occurs.


xmlSecEncCtxDebugDump ()

void
xmlSecEncCtxDebugDump (xmlSecEncCtxPtr encCtx,
                       FILE *output);

Prints the debug information about encCtx to output.

Parameters

encCtx

the pointer to <enc:EncryptedData/> processing context.

 

output

the pointer to output FILE.

 

xmlSecEncCtxDebugXmlDump ()

void
xmlSecEncCtxDebugXmlDump (xmlSecEncCtxPtr encCtx,
                          FILE *output);

Prints the debug information about encCtx to output in XML format.

Parameters

encCtx

the pointer to <enc:EncryptedData/> processing context.

 

output

the pointer to output FILE.

 

xmlSecEncCtxDerivedKeyGenerate ()

xmlSecKeyPtr
xmlSecEncCtxDerivedKeyGenerate (xmlSecEncCtxPtr encCtx,
                                xmlSecKeyDataId keyId,
                                xmlNodePtr node,
                                xmlSecKeyInfoCtxPtr keyInfoCtx);

Generates (derives) a key from node (https://www.w3.org/TR/xmlenc-core1/sec-DerivedKey):

 <element name="DerivedKey" type="xenc11:DerivedKeyType"/>
 <complexType name="DerivedKeyType">
     <sequence>
         <element ref="xenc11:KeyDerivationMethod" minOccurs="0"/>
         <element ref="xenc:ReferenceList" minOccurs="0"/>
         <element name="DerivedKeyName" type="string" minOccurs="0"/>
         <element name="MasterKeyName" type="string" minOccurs="0"/>
     </sequence>
     <attribute name="Recipient" type="string" use="optional"/>
     <attribute name="Id" type="ID" use="optional"/>
     <attribute name="Type" type="anyURI" use="optional"/>
 </complexType>

 <element name="KeyDerivationMethod" type="xenc:KeyDerivationMethodType"/>
 <complexType name="KeyDerivationMethodType">
     <sequence>
         <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
     </sequence>
     <attribute name="Algorithm" type="anyURI" use="required"/>
 </complexType>

Parameters

encCtx

the pointer to encryption processing context.

 

keyId

the expected key id; the actual derived key might have a different id.

 

node

the pointer to <enc11:DerivedKey/> node.

 

keyInfoCtx

the pointer to the "parent" key info context.

 

Returns

the derived key on success or NULL if an error occurs.


xmlSecEncCtxAgreementMethodGenerate ()

xmlSecKeyPtr
xmlSecEncCtxAgreementMethodGenerate (xmlSecEncCtxPtr encCtx,
                                     xmlSecKeyDataId keyId,
                                     xmlNodePtr node,
                                     xmlSecKeyInfoCtxPtr keyInfoCtx);

Generates (derives) a key from node (https://www.w3.org/TR/xmlenc-core1/sec-AgreementMethod):

 <element name="AgreementMethod" type="xenc:AgreementMethodType"/>
 <complexType name="AgreementMethodType" mixed="true">
     <sequence>
         <element name="KA-Nonce" minOccurs="0" type="base64Binary"/>
         <!-- <element ref="ds:DigestMethod" minOccurs="0"/> -->
         <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
         <element name="OriginatorKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
         <element name="RecipientKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
     </sequence>
     <attribute name="Algorithm" type="anyURI" use="required"/>
 </complexType>

Parameters

encCtx

the pointer to encryption processing context.

 

keyId

the expected key id; the actual derived key might have a different id.

 

node

the pointer to <enc:AgreementMethod/> node.

 

keyInfoCtx

the pointer to the "parent" key info context.

 

Returns

the generated key on success or NULL if an error occurs.


xmlSecEncCtxAgreementMethodXmlWrite ()

int
xmlSecEncCtxAgreementMethodXmlWrite (xmlSecEncCtxPtr encCtx,
                                     xmlNodePtr node,
                                     xmlSecKeyInfoCtxPtr keyInfoCtx);

xmlSecEncCtxGetFailureReasonString ()

const char *
xmlSecEncCtxGetFailureReasonString (xmlSecEncFailureReason failureReason);

Gets the failure reason as a string.

Parameters

failureReason

the failure reason.

Returns

the failure reason as a string.

Types and Values

enum xmlEncCtxMode

The xmlSecEncCtx mode.

Members

xmlEncCtxModeEncryptedData

the <enc:EncryptedData/> element processing.

 

xmlEncCtxModeEncryptedKey

the <enc:EncryptedKey/> element processing.

 

enum xmlSecEncFailureReason

XML Encryption processing failure reason. The application should check the return value of the encrypt/decrypt functions first and consult this value only for the detailed reason.

Members

xmlSecEncFailureReasonUnknown

the failure reason is unknown.

 

xmlSecEncFailureReasonKeyNotFound

the key was not found.

 

XMLSEC_ENC_RETURN_REPLACED_NODE

#define XMLSEC_ENC_RETURN_REPLACED_NODE                 0x00000001

If this flag is set, then the replaced node will be returned in the replacedNodeList.


struct xmlSecEncCtx

struct xmlSecEncCtx {
    /* these data user can set before performing the operation */
    void*                       userData;
    unsigned int                flags;
    unsigned int                flags2;
    xmlEncCtxMode               mode;
    xmlSecKeyInfoCtx            keyInfoReadCtx;
    xmlSecKeyInfoCtx            keyInfoWriteCtx;
    xmlSecTransformCtx          transformCtx;
    xmlSecTransformId           defEncMethodId;

    /* these data are returned */
    xmlSecKeyPtr                encKey;
    xmlSecTransformOperation    operation;
    xmlSecBufferPtr             result;
    int                         resultBase64Encoded;
    int                         resultReplaced;
    xmlSecTransformPtr          encMethod;
    xmlSecEncFailureReason      failureReason;

    /* attributes from EncryptedData or EncryptedKey */
    xmlChar*                    id;
    xmlChar*                    type;
    xmlChar*                    mimeType;
    xmlChar*                    encoding;
    xmlChar*                    recipient;
    xmlChar*                    carriedKeyName;

    /* these are internal data, nobody should change that except us */
    xmlNodePtr                  encDataNode;
    xmlNodePtr                  encMethodNode;
    xmlNodePtr                  keyInfoNode;
    xmlNodePtr                  cipherValueNode;

    xmlNodePtr                  replacedNodeList; /* the pointer to the replaced node */
    void*                       reserved1;        /* reserved for future */
};

XML Encryption context.

Members

void *userData;

the pointer to user data (the xmlsec and xmlsec-crypto libraries never touch this).

 

unsigned int flags;

the XML Encryption processing flags.

 

unsigned int flags2;

the XML Encryption processing flags.

 

xmlEncCtxMode mode;

the mode.

 

xmlSecKeyInfoCtx keyInfoReadCtx;

the reading key context.

 

xmlSecKeyInfoCtx keyInfoWriteCtx;

the writing key context (used when encrypting; not used for decryption).

 

xmlSecTransformCtx transformCtx;

the transforms processing context.

 

xmlSecTransformId defEncMethodId;

the default encryption method (used if <enc:EncryptionMethod/> node is not present).

 

xmlSecKeyPtr encKey;

the encryption key; the application may set encKey before calling the encryption/decryption functions.

 

xmlSecTransformOperation operation;

the operation: encrypt or decrypt.

 

xmlSecBufferPtr result;

the pointer to the result buffer: the encrypted data after encryption or the decrypted data after decryption.

 

int resultBase64Encoded;

the flag: if set, the data in result is base64 encoded.

 

int resultReplaced;

the flag: if set, the resulting <enc:EncryptedData/> or <enc:EncryptedKey/> node was added to the document.

 

xmlSecTransformPtr encMethod;

the pointer to encryption transform.

 

xmlSecEncFailureReason failureReason;

the detailed failure reason.

 

xmlChar *id;

the ID attribute of <enc:EncryptedData/> or <enc:EncryptedKey/> node.

 

xmlChar *type;

the Type attribute of <enc:EncryptedData/> or <enc:EncryptedKey/> node.

 

xmlChar *mimeType;

the MimeType attribute of <enc:EncryptedData/> or <enc:EncryptedKey/> node.

 

xmlChar *encoding;

the Encoding attribute of <enc:EncryptedData/> or <enc:EncryptedKey/> node.

 

xmlChar *recipient;

the Recipient attribute of <enc:EncryptedKey/> node.

 

xmlChar *carriedKeyName;

the CarriedKeyName attribute of <enc:EncryptedKey/> node.

 

xmlNodePtr encDataNode;

the pointer to <enc:EncryptedData/> or <enc:EncryptedKey/> node.

 

xmlNodePtr encMethodNode;

the pointer to <enc:EncryptionMethod/> node.

 

xmlNodePtr keyInfoNode;

the pointer to <enc:KeyInfo/> node.

 

xmlNodePtr cipherValueNode;

the pointer to <enc:CipherValue/> node.

 

xmlNodePtr replacedNodeList;

the first node of the list of replaced nodes, depending on the nodeReplacementMode.

 

void *reserved1;

reserved for the future.
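The following is an added example, not xmlsec's own code: using only the Python standard library, it reads one <enc:EncryptedData/> or <enc:EncryptedKey/> node into a dict keyed like the struct members above (encMethod, id, type, mimeType, encoding, recipient, carriedKeyName, keyInfoNode, cipherValue), applies the same fallback as defEncMethodId when <enc:EncryptionMethod/> is absent, and refuses a node with no usable CipherData before any key lookup or decryption would happen. The sample element, the helper names and the dict keys are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

ENC_NS = "http://www.w3.org/2001/04/xmlenc#"
DSIG_NS = "http://www.w3.org/2000/09/xmldsig#"

def _q(local, ns=ENC_NS):
    return "{%s}%s" % (ns, local)

def read_enc_node(node, def_enc_method=None):
    """Return a dict keyed like the xmlSecEncCtx members; raise ValueError for structure
    that should be refused before any key lookup or decryption is attempted."""
    if node.tag not in (_q("EncryptedData"), _q("EncryptedKey")):
        raise ValueError("unexpected node %s" % node.tag)
    mode = node.tag.split("}")[1]            # cf. enum xmlEncCtxMode
    method = node.find(_q("EncryptionMethod"))
    algorithm = method.get("Algorithm") if method is not None else def_enc_method
    if not algorithm:                        # mirrors defEncMethodId being unset
        raise ValueError("no EncryptionMethod and no default encryption method configured")
    cipher_data = node.find(_q("CipherData"))
    value = cipher_data.find(_q("CipherValue")) if cipher_data is not None else None
    reference = cipher_data.find(_q("CipherReference")) if cipher_data is not None else None
    text = (value.text or "").strip() if value is not None else ""
    if not text and reference is None:
        raise ValueError("CipherData needs a non-empty CipherValue or a CipherReference")
    is_key = mode == "EncryptedKey"          # Recipient/CarriedKeyName belong to EncryptedKey only
    carried = node.find(_q("CarriedKeyName")) if is_key else None
    return {"mode": mode, "encMethod": algorithm, "id": node.get("Id"),
            "type": node.get("Type"), "mimeType": node.get("MimeType"),
            "encoding": node.get("Encoding"), "cipherValue": text or None,
            "recipient": node.get("Recipient") if is_key else None,
            "carriedKeyName": carried.text if carried is not None else None,
            "keyInfoNode": node.find(_q("KeyInfo", DSIG_NS)) is not None}

def reject_reason(xml_text, def_enc_method=None):
    """Why a node would be refused, or None when it is structurally acceptable."""
    try:
        read_enc_node(ET.fromstring(xml_text), def_enc_method)
        return None
    except ValueError as exc:
        return str(exc)

# Constructed sample (not from any real document): an EncryptedKey with a KeyInfo but no
# EncryptionMethod, so the caller's default method has to fill the gap.
SAMPLE = (
    '<xenc:EncryptedKey xmlns:xenc="%s" xmlns:ds="%s" Id="ek1" Recipient="alice">'
    '<ds:KeyInfo><ds:KeyName>rsa-wrap-key</ds:KeyName></ds:KeyInfo>'
    '<xenc:CipherData><xenc:CipherValue> Q09OU1RSVUNURUQ= </xenc:CipherValue></xenc:CipherData>'
    '<xenc:CarriedKeyName>session-key</xenc:CarriedKeyName></xenc:EncryptedKey>'
) % (ENC_NS, DSIG_NS)

def demo():
    return read_enc_node(ET.fromstring(SAMPLE), "http://www.w3.org/2001/04/xmlenc#rsa-1_5")
```

Without a default method the same sample is refused, which is the situation the defEncMethodId member exists to cover.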