Merge branch 'upstream' into tizen

Change-Id: Iacc73c9ed5e9cfd188df62c405426bfa89bf4e51

1 files changed, 26 insertions, 0 deletions

diff --git a/docs/api/src/chapters/using-keys.sgml b/docs/api/src/chapters/using-keys.sgml
new file mode 100644
index 00000000..c2c90f50
--- /dev/null
+++ b/docs/api/src/chapters/using-keys.sgml
@@ -0,0 +1,26 @@
+<chapter id="xmlsec-notes-keys">
+    <title>Keys.</title>
+    <para>A key in XML Security Library is a representation of the 
+	<ulink URL="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo">&lt;dsig:KeyInfo/&gt;</ulink>
+	element and consist of several key data objects. 
+	The "value" key data usually contains raw key material (or handlers to 
+	key material) required to execute particular crypto transform. Other 
+	key data objects may contain any additional information about the key. 
+	All the key data objects in the key are associated with the same key 
+	material. For example, if a DSA key material has both an X509 
+	certificate and a PGP data associated with it then such a key can 
+	have a DSA key "value" and two key data objects for X509 certificate 
+	and PGP key data.
+    </para>
+    <figure>
+	<title>The key structure.</title>
+	<graphic fileref="images/key.png" align="center"></graphic>
+    </figure>	 
+    <para>XML Security Library has several "invisible" key data classes. 
+	These classes never show up in the keys data list of a key but are used for 
+	<ulink URL="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo">&lt;dsig:KeyInfo/&gt;</ulink>
+	children processing (<ulink URL="http://www.w3.org/TR/xmldsig-core/#sec-KeyName">&lt;dsig:KeyName/&gt;</ulink>, 
+	&lt;enc:EncryptedKey/&gt;, ...). As with transforms, application might 
+	add any new key data objects or replace the default ones.
+    </para>
+</chapter>